geosing

TW Member
Registered:
Posts: 356
Reply with quote  #1 

According to this BusinessWeek story, it seems unsecured computers abound - by owners who ought to know better.

 

http://www.businessweek.com/technology/content/nov2005/tc20051103_565150.htm?campaign_id=topStories_ssi_5

 

I used to think Interactive Brokers' required use of hardware tokens for account management access was a bit much. Now I really appreciate that they insist on it.

 

It pays to be careful. Be doubly vigilant in monitoring your account(s) and your computers.

 

Geo

 

0
fib_1618

Moderator
Registered:
Posts: 4,865
Reply with quote  #2 
Unfortunately, there are bad people in the world. Thanks for the good reminder. One should change their passwords at least every quarter, and always make sure your ports are protected at all times.

Fib


0
hpm123

TW Patron
Registered:
Posts: 24
Reply with quote  #3 

If I may add a few resources available free of cost over the internet that I personally use, as well as how I manage my business assets (computers) in face of the exposures referenced in the article Geosing posted.

 

My home trading environment consists of 2 base PC systems, and also an older vintage Micron laptop for emergency use, as well as for when I travel. I'm still a struggling neophyte trader, but one of the allures of finding success in this business, is you can go virtually "anywhere" and conduct your day-to-day business. You really can't beat breaking the tethered line, and the freedom success in this business can offer... there's only one paramount requirement that comes with this proposition.. you have to be able to make it work!

 

I utilize 2 PCs for my trading environment. I have a daily need for email access, forum and virtual trading room participation and general web-browsing. I also have a primary core environment that entails my brokerage trading application, as well as my charting application. My brokerage and charting requirements, I deem as "mission critical" to my core business operations. A business requirement that I personally feel justifies special equipment. Thus, I have a dedicated PC for just my brokerage and charting applications. This is all I do on this pc. I do not hit any sites on the internet with this pc, I do not check my email with this pc. I do nothing on this PC except run my core business applications.

 

For non business-critical activities, I have a secondary PC that I use for forum browsing, chat-room participation, e-mail checking, etc. By virtue of using this secondary PC for general internet access, this is the PC that requires the most management oversight as related to viruses, spam, hacker control, etc. For this PC, and for my primary PC, I will utilize one or all of the following applications:

 

Virus Protection - AVG from Grisoft.com.  The following URL will get you to a free anti-virus application from this company:

 

http://free.grisoft.com

 

Use and operation is self-explanatory with a bit of reading. If already versed in anti-virus usage, one can easily determine how to configure this application.  I'm very controlled in my internet access use, so this application has met my needs. I was a Symantec user prior, and once my license expired, I chose the free route due to business costs management. So far, I have not seen any serious shortcomings using this application.

 

SPAM Protection - SpyBOT and SpywareBlaster. I use a combination of two applications for management of SPAM. SpyBOT is an application that will REMOVE spam residing on a system and SpywareBlaster is an application that will PREVENT spam from penetrating a system. With this combination, you need BOTH applications. I'm sure there are commercially available (fee-based) applications that are an all-in-one solution, but these 2 applications have met my needs thus I have not researched other solutions. Both these applications are free, of which both companies also accept donations. A worthy gesture if one is capable of such.

 

SpyBOT - http://www.safer-networking.org/en/index.html  Click the "download" button at column-left, and follow the yellow-brick road.

 

SpywareBlaster -   http://www.javacoolsoftware.com/spywareblaster.html 

Click the "download" button mid-page, and follow the yellow-brick road.

 

 

STINGER.exe - This is a McAfee executable that I run weekly on both PCs. This is a non-resident application that you can execute off a floppy disk, that will also scan your machine for any hidden trojans, key-stroke loggers, etc. This is a stand-alone application that we used in my prior job, to scan a system that we suspected may have been compromised.

 

I run this as another precautionary step, a step that ultimately is just the same as what my AV and SPAM applications monitor, just for additional reassurance that my system is stable and has not been compromised. Overkill? Probably. But with the unfortunate risks that one assumes these days with just hopping on the internet, it makes me feel better..and that's what matters most to "me".

 

The URL for this can be found at the following:

http://vil.nai.com/vil/averttools.asp  Download to your pc, and double-click the executable to initiate. 

 

Registry Cleaner - A PC can really get gummed up over time, as to registry entries still resident, but no longer required. This is a utility that I run just to better tune my PC. Not required for active management of viruses or spam, but a nifty utility for anyone interested. Provides other useful functions as well. URL for this utility can be found at the following, just click on the appropriate link within the article:

 

http://www.4gggg.net/c/easyclean.htm

 

 

Disk Defragmenter - This application is native in Windows XP. Should be available in other OS versions, however not for certain where to find. In XP, go Start ==> All Programs ==> Accessories ==> System Tools ==> Disk Defragmenter.

 

Firewall - I personally use a free version of ZoneAlarm. I've not had any problems with usage of this application on my secondary PC (email, browsing, etc). There are other firewall applications available, but this is the one I have used for several years and have not had any problems. Will monitor every application that tries to access your system from an external point of entry (i.e., coming in from the internet) and will monitor when an application residing on your PC tries to access the internet. When I say monitor, once this application initiates, you will get a pop-up window saying "Application xxx is trying to access the internet, do you wish to proceed".. You click a yes or no to permit access. Of all the applications I've noted, this one requires the most user intervention, but is not rocket science to manage.

 

ZoneAlarm can be found at the following URL -

http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp

 

How I Use these applications - As to how I personally use these resources, I utilize each resource noted above on my non-mission critical PC, the one I use for email checking, etc. This PC is unquestionably the most exposed to potential problems due to the very fact it spends the majority of time accessing the internet.

 

On my mission critical system, the one I use for my brokerage and charting application, I use SpyBOT and SpywareBlaster only on this PC. I do not run a firewall and I do not run any anti-virus application on this PC. (I will add that both pc's are networked through a LinkSys BEFSR41 gateway hub which does offer minimal shielding from the internet in way of IP address proxying, etc) Some people might not agree with this approach of not running AV and firewall, but I chose to keep my core system with as minimal overhead as possible as far as applications running in the background.

 

I choose to run SpyBOT and SpywareBlaster as a precaution in keeping any hijacker or key-stroke loggers bots from getting on my machine. As was alluded in the article in Geo's post, tiny applications can get on your machine that will capture your keystrokes (a keystroke process such as typing in a password) and send this off to some far distant places such as Denmark, Russia, etc for resale at a later time to some shady, roadside character.

 

I use this PC in a very controlled "internet-access" environment thus I choose not to load any AV or firewall. I have not noticed any adverse performance effects of running these 2 spyware applications.

 

My weekly regimen (Secondary PC) - Every Saturday I do the following on my non-mission critical PC system. I will run a Spybot "Check for Updates" process - I will run a SpywareBlaster "Check for update" process and I will make sure my anti-virus signature files are current (I want all the latest detection pattern files, before I run the actual system scan) After making sure I have the latest detection files loaded, I run a full scan on the SpyBOT application to check for any SPAM or snooping type junk that may have found its way onto my machine. I almost always come up clean.. but you never know when a new pattern may have been created by a hacker, of which the detection files by SpyBOT have not been created yet. So I run this check religiously.

 

After this completes, I take my Stinger executable and run this. Again, probably overkill, but the more angles I've got attacking any potential hijacker software, the better off I personally feel. This can take a while, sometime upwards of an hour to run the Stinger application.

 

After Stinger completes, I do an AV (anti-virus) scan on my system. Again, this can take a while depending on how large your hard drive is.

 

After AV scan, I run a system defrag.

 

I'll probably, once a quarter, run my registry cleaner application. This is not a high usage type application. But if you've not re-formatted your system in a while, and have added/removed several applications over the process, not a bad idea to give your registry a go-over.

 

Aside from the normal backing up of key files stored on your system, that's about it as far as the process I use on my secondary PC.

 

My weekly regimen (Primary PC) - On this system, I will check for any program updates on SpyBOT and Spyware Blaster. I will run the checks on SpyBOT as noted in the above segment. If there are no updates required to the program when checked on the secondary PC, I will not run a check on my primary system. A check puts you out on the internet, and I try to keep this to a minimum on this pc.

 

After SpyBOT, I will run a Stinger check.

 

After Stinger, I'll run a defrag check and will run this process if required. 

 

Process complete.

 

Final Comments - These are but a few of the resources I personally use to manage my business resources (computers). I offer these as a "use at your own risk" as I cannot determine the computer knowledge of users on this forum. All these utilities I have found very user friendly, requiring minimal configuration, and usually run pretty good out of the box. That said, there is user intervention required as far as initiating an application, checking for appropriate updates, etc. I will certainly try to offer any advice I can on usage if anyone has a question.

 

There are other steps a user can take to turn off features that, by default, are turned on when XP is loaded. I won't go into those, but a search on your favorite search engine, with keywords "Tuning XP" will reveal tips in this area.

 

Happy Computing -

Hal  

 

0
geosing

TW Member
Registered:
Posts: 356
Reply with quote  #4 

Excellent resource list, Hal. I will use it as a reference document myself. Another free resource for virus detection is offered by TrendMicro.

http://housecall.trendmicro.com/ 

 

You can use Housecall as a secondary resource to detect virii and spambots etc. It is always up to date and available on the web. I always use it first before plugging in an unknown system to my network, which I have to do from time to time.

 

I myself run about a dozen systems with 4 used for trading related stuff - but most are behind hardware firewall and I also have IDS. This is not typical for most people so I cannot really recommend anything. Your stuff is a great prescription. Too many people do not realize the vulnerabilities - especially with Microsoft Operating Systems - that are routinely exploited. Probes are continuous and powered by robots so they are relentless in their pursuit for unpatched vulnerabilities and slack antivirus and bot protection. More and more financial assets are being managed online via the web interface and the sophistication of intruders is increasing to tap into this wealth. They must be thinking ... hey, the Street insiders are going to steal the money anyway, why not take some of it before they do...

 

Geo

0
hpm123

TW Patron
Registered:
Posts: 24
Reply with quote  #5 

Thanks Geo - Trend Micro.. Love their stuff. My last job we were a Symantec shop bigtime. Desktop, gateway, server, Exchange, etc. But anytime there was a virus outbreak, I was on the TrendMicro website digging for info, as Trend ALWAYS had virus description info posted first, and always had fixes out, way before Symantec. I spoke to our Symantec rep on this very issue, and he stated that they have such a "broad" product line, that they had to make sure any virus pattern updates were compatible across their entire product line before being released, thus the delay. Makes sense I suppose, but as an end-user, very frustrating when a fresh virus was on the loose, but virus update files would not be released, sometimes for hours. Our only recourse was to try to find what the subject or body lines contained (which we got thru Trend) and stop it at the mail gateway with keyword filtering. That and an email out to the user-base with a heads-up warning.

 

I think Trend is out of Japan which probably explains why they were always in the know first. Almost all these viruses anymore, originate out of that part of the world and then propagate towards the US..

 

Anyway, good info as well and appreciate you sharing -

0
hpm123

TW Patron
Registered:
Posts: 24
Reply with quote  #6 

and let me add when I say I love Trend's product, we did use Trend's Spam filtering application for the company mail system. I don't remember the exact name of the application, but worked quite well. Even though we were heavily entwined into the Symantec product set, their application for spam management was quite weak, and we actually had to go with another vendor's product (TrendMicro) to manage spam. That was another $8K in annual renewal expenses, on top of the Symantec renewal costs.

 

Before I left, it was determined that 72% of the daily mail volume coming into the company gateway was spam and virus related. I think it was around 15k spam and virus objects daily that we filtered daily on average. Incredible on its own, but even more incredible that it was projected to increase.  This was for a company with 1800 email users.

 

It is quite amazing, and quite sad actually, the resources required for a company, and individual end users as well, to "safely" utilize internet resources such as web surfing and email. A common and productive tool has been out and out hijacked by teenagers for bragging rights, and by those with more malicious intent. I'm sure product evolution will continue to develop in order to combat these current challenges, but for now, you have no choice but to manage it with safe computing practices and just being smart when utilizing this resource -

0
geosing

TW Member
Registered:
Posts: 356
Reply with quote  #7 

Advice from the SEC - your tax dollars at work. Some of it is even good.

 

http://www.sec.gov/investor/pubs/onlinebrokerage.htm

 

I think you should take advantage of the hardware security token gizmo if your brokerage offers it. Every time you need to make an important change to your account - like change bank accounts, withdraw funds, transfer money etc or even change email address, the temporary challenge/response provides an additional layer of security. Since the response is generated by hardware which you must physically have in hand, if your user id and password are stolen, the thief can probably make some bad trades, but cannot take the money out.

 

The device I have could use some improvement because I have a hard time reading the LCD display and the LCD characters. But it is good protection.

 

Geo

0
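The challenge/response check Geo describes in post #7, as an added example that is not part of the thread and is not Interactive Brokers' or any token vendor's algorithm: a generic HMAC-based scheme in which the password alone allows trading but a fresh token response is required to move money. The `Broker` class, action names, time-to-live and credentials are all assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_TTL = 120  # seconds a challenge stays valid (assumed value)
SENSITIVE = {"withdraw", "change_bank", "change_email"}  # assumed action names


def token_response(device_secret: bytes, challenge: str, digits: int = 6) -> str:
    """What the token in your hand computes: a keyed hash of the challenge."""
    mac = hmac.new(device_secret, challenge.encode(), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # pick 4 bytes of the MAC, as HOTP-style tokens do
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Broker:
    """Hypothetical broker back end: password to log in, token to move money."""

    def __init__(self):
        self.accounts = {}  # user -> (salt, password hash, device secret)
        self.pending = {}   # user -> (challenge, expiry time)

    def enroll(self, user: str, password: str) -> bytes:
        salt, device_secret = secrets.token_bytes(16), secrets.token_bytes(32)
        self.accounts[user] = (salt, _pw_hash(password, salt), device_secret)
        return device_secret  # lives only in the token and at the broker

    def issue_challenge(self, user: str, now: float = None) -> str:
        now = time.time() if now is None else now
        challenge = f"{secrets.randbelow(10 ** 8):08d}"
        self.pending[user] = (challenge, now + CHALLENGE_TTL)
        return challenge

    def authorize(self, user, password, action, response=None, now=None) -> bool:
        now = time.time() if now is None else now
        salt, stored, device_secret = self.accounts[user]
        if not hmac.compare_digest(_pw_hash(password, salt), stored):
            return False
        if action not in SENSITIVE:
            return True  # a stolen password is enough to place trades
        # Single use: the challenge is consumed whether or not the answer is right.
        challenge, expires = self.pending.pop(user, (None, 0.0))
        if challenge is None or response is None or now > expires:
            return False
        expected = token_response(device_secret, challenge)
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    broker = Broker()
    secret = broker.enroll("geo", "correct horse")  # constructed credentials
    print("password only, trade:", broker.authorize("geo", "correct horse", "trade"))
    broker.issue_challenge("geo")
    print("password only, withdraw:",
          broker.authorize("geo", "correct horse", "withdraw"))
    ch = broker.issue_challenge("geo")
    print("password + token, withdraw:",
          broker.authorize("geo", "correct horse", "withdraw", token_response(secret, ch)))
```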
mortiz

TW Patron++
Registered:
Posts: 1,054
Reply with quote  #8 

Hey you guys,

 

Great resources and info you have provided in this thread.

 

I thought I was a computer geek until I started reading you guys' stuff, nicely done!!

 

Thanks much.

 

Randy

 

0
hpm123

TW Patron
Registered:
Posts: 24
Reply with quote  #9 

Another useful tool that I failed to mention can be found at http://www.grc.com. Scroll down and look for the ShieldsUP! link. GRC has several vulnerability tools on this site, including a utility to see if a user's internet connected PC is vulnerable to probes coming in from the internet. Geo mentioned this in an earlier post and is quite correct in the exposure open ports on a user's home pc system can generate. Open port probes are the "knock on the front door" the vacuum cleaner salesman uses to see if anybody's home. If nobody's home, which is what you want be it a vacuum cleaner salesman or some teenager probing for open machines, they'll move on to the next house and leave you alone.

 

ShieldsUP! is a handy tool that will connect you to a server on GRC's site, that will initiate port probes against your home PC and will report back to you any ports open on your machine. Checks all the most common ports that scanners use to detect open machines. Will give you a good starting point in determining how "visible" your machine is to voyeurs lurking on the internet -

for anyone interested -

0
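The probe-and-report idea hpm123 describes in post #9, as an added example that is not part of the thread and is not GRC's code: a loopback-only self-check showing the three answers a "knock" on a port can get. The port list is constructed for the example, and it reports what is listening on the PC itself, whereas an outside service such as ShieldsUP! reports what is reachable through your router or firewall.

```python
import ipaddress
import socket

# Ports often left listening on Windows home PCs (list constructed for this example).
COMMON_PORTS = {21: "ftp", 23: "telnet", 25: "smtp", 80: "http", 135: "msrpc",
                139: "netbios-ssn", 443: "https", 445: "microsoft-ds", 3389: "rdp"}


def knock(host: str, port: int, timeout: float = 0.5) -> str:
    """Try one TCP connection and classify the answer."""
    # Self-check only: refuse anything that is not an IPv4 loopback address.
    if not ipaddress.IPv4Address(host).is_loopback:
        raise ValueError("this self-check only probes the local machine")
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"        # something is home and answered the door
        except ConnectionRefusedError:
            return "closed"      # machine answered, but nothing listens here
        except (socket.timeout, TimeoutError):
            return "no answer"   # packet dropped, e.g. by a firewall
        except OSError:
            return "error"


def self_check(ports=COMMON_PORTS, host: str = "127.0.0.1") -> dict:
    """Return {port: state} for every port in the list."""
    return {port: knock(host, port) for port in ports}


def exposed(results: dict) -> list:
    """Ports that accepted a connection, in ascending order."""
    return sorted(p for p, state in results.items() if state == "open")


if __name__ == "__main__":
    results = self_check()
    for port, state in sorted(results.items()):
        print(f"{port:>5} {COMMON_PORTS[port]:<13} {state}")
    print("listening:", exposed(results) or "none of the listed ports")
```

Any port reported as open here should map to a program you recognise and intend to run.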
IndexTrader

TW Member
Registered:
Posts: 7
Reply with quote  #10 

Just thought I'd second Geo's mention of IB's "identity token".  Excellent protection against the risk of withdrawing funds from an account.

 

Also thought I would mention that I use some of the software mentioned here, but I run two computers behind a router.  The router serves as an excellent hardware firewall.  You can use a router even with one computer to place the router between you and the internet.  I tried the GRC tests with my system, successfully.  I think this has to do with the router. 

 

IndexTrader

0
hpm123

TW Patron
Registered:
Posts: 24
Reply with quote  #11 

Hey there IT.. nice to see you over here on Fib's site.

 

Checked into the SecurID token with IB, and you gotta have $100k in your account to qualify.. not quite there yet myself.

 

The guy I spoke to at IB really didn't seem to know what this was. I asked since I didn't qualify, if I could pay for one of these. He again, didn't seem to know, and said all his terminal screen was telling him was you have to meet the minimum acct balance. Left it at that. Agree though, I'd get one of these if eligible - .

0
geosing

TW Member
Registered:
Posts: 356
Reply with quote  #12 

hpm, I believe you do need a minimum 100k equity in the account. As of now, I don't think IB offers this for a charge if the account is less than 100k.

 

Here is the IB reference.

 

http://www.interactivebrokers.com/en/accounts/secureTransactionProgram.php

 

Geo

0
IndexTrader

TW Member
Registered:
Posts: 7
Reply with quote  #13 

Sorry about that.  When they offered the ID Token to me they emailed me a description of the device, and since it sounded like a good secure system I decided to do it.  I don't recall now what the requirements were...seems like maybe I did this a year, year and a half ago.

 

I guess you just need to get busy and make some more dough eh?

 

IndexTrader

 

Quote:
Originally Posted by hpm123

Hey there IT.. nice to see you over here on Fib's site.

 

Checked into the SecurID token with IB, and you gotta have $100k in your account to qualify.. not quite there yet myself.

 

The guy I spoke to at IB really didn't seem to know what this was. I asked since I didn't qualify, if I could pay for one of these. He again, didn't seem to know, and said all his terminal screen was telling him was you have to meet the minimum acct balance. Left it at that. Agree though, I'd get one of these if eligible - .

0
tozwp

TW Member
Registered:
Posts: 3
Reply with quote  #14 

Link to IB's security token information:  http://www.interactivebrokers.com/en/accounts/secureTransactionProgram.php

 

This device works well.  Just don't lose it or your PIN!  I had forgotten my PIN having not used the device in a couple of years and had a heck of a time moving some funds around.  Eventually found it scribbled somewhere but I was a little worried that my funds were stuck.  It does keep your funds secure - even if it is from yourself......

0






Copyright 2000-2019 Technical Watch