Wednesday, April 24, 2013

How to Test Your Antivirus, Firewall, Browser, and Software Security

fortress
So you have an antivirus guarding your system, your firewall is up, your browser plug-ins are all up-to-date, and you’re not missing any security patches. But how can be sure your defenses are actually working as well as you think they are?
These tools can also be particularly useful if you’re trying to quickly determine how secure someone else’s PC is. They can show you just how much vulnerable software the PC has installed.

Test Your Antivirus

No, we’re not going to recommend downloading a virus to test your antivirus program – that’s a recipe for disaster. If you ever want to test your antivirus software, you can use the EICAR test file. The EICAR test file isn’t an actual virus – it’s just a text file containing a string of harmless code that prints the text “EICAR-STANDARD-ANTIVIRUS-TEST-FILE!” if you run it in DOS. However, antivirus programs are all trained to recognize the EICAR file as a virus and respond to it just as they would respond to an actual virus.
You can use the EICAR file to test your real-time antivirus scanner and ensure it’s going to catch new viruses, but it can also be used to test other types of antivirus protection. For example, if you’re running antivirus software on a Linux mail server and you want to test that it’s working properly, you can email the EICAR file through the mail server and ensure it’s caught and quarantined.
Note: it’s important to test and make sure all your defenses are correctly configured and working properly, but this can’t guarantee your anti-virus will catch every new virus. Since there are new viruses every day, it pays to still be vigilant about what you download.
You can download an EICAR test file from the EICAR website. However, you could also create your own EICAR test file by opening a text editor (such as Notepad), copy-pasting the following text into the file, and then saving it:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Your antivirus program should react as though you had just created an actual virus.

Port Scan Your Firewall

If you’re behind a router, the router’s network address translation (NAT) feature effectively acts as a firewall, preventing other computers on the Internet from connecting to your computer. To ensure that your computer’s software is sheltered from the Internet – either with a NAT router or through a software firewall if your computer is connected directly to the Internet – you can use the ShieldsUP! test website. It will perform a port scan of your IP address, determining whether ports are open or closed at your address. You want ports to be closed to protect potentially vulnerable services from the wild west environment of the open Internet.

Check Browser Plug-ins

Browser plug-ins are now the most common attack vector – that’s software like like Java, Flash, and Adobe’s PDF reader. You should ensure that you always have the latest, most up-to-date versions of all your browser plug-ins if you want to stay safe online.
Mozilla’s Plugin Check website is particularly good for this. It’s made by Mozilla, but it doesn’t just work in Firefox. It also works in Chrome, Safari, Opera, and Internet Explorer.
If you have any out-of-date plug-ins, you should update them to the latest, secure versions. If you have Java installed at all, you should just uninstall it now – or at least disable its browser plug-in. Java is subject to a constant flood of zero-day vulnerabilities and seems to spend most of its time vulnerable to attack.

Scan For Vulnerable Software

On operating systems with central software repositories (like Linux) or app stores (like iOS, Android, and Windows 8’s Modern environment), it’s easy to tell that all your applications are up-to-date with the latest released security patches. It’s all handled through a single tool that updates them automatically. The Windows desktop doesn’t have this luxury.
Secunia, an IT security company, develops a free application named Secunia Personal Software Inspector to help with this. When installed, Secunia PSI scans the software installed on your computer and identifies any out-of-date, potentially vulnerable programs on your computer. It doesn’t know about every piece of software ever created for Windows, but it does help identify software you should update.


Of course, this doesn’t cover everything. There’s no way to ensure your antivirus will catch every virus ever created  — it won’t because no antivirus is perfect. There’s no way to ensure you won’t fall prey to phishing or another social-engineering attack. But these tools will help you test some of your most important defenses and ensure they’re ready for an assault.

No comments:

Post a Comment