Eyes On Spies
Parts reprinted from PC World - May 2001 (pg.
146b) |
Here 's How to stop the
four most common methods snoops
use to monitor you on the Internet. |
Cookies
The most familiar and most widely adopted
monitoring tool is the cookie. A cookie is a small data file
- usually containing a unique indentification number - that
your Web browser stores on your hard drive when a site sends
it a certain command. Every time you request a page or item
from the site, the server connects that request to your
unique identifiation number, giving the company an exact
record of what you viewed on its site.
Some Web sites use the cookies to keep track of an online
"shopping cart" ; others want to record every click you make
at a site. Cookies aren't necessarily malicious, but they do
let sites or advertisers make a click - by - click record of
your surfing habbits. Cookies from ubiquitous ad servers like
DoubleClick can track you on every site for which they serve
ads.
How to Defeat Cookies
Sites use cookies for various reasons. If you
completely disable them, many Web sites won't work the way
you want them to. But you can limit the number of cookies
your browser consumes.
- 1) Use Cookie Blockers :
The free Cookiewall from AnalogX.com ( only
works for Internet Explorer users at this time ) , Webwasher which works on both
Netscape and IE or finally Guidescope from http://www.guidescope.com ( not sure
what this product works with but I think it works for all
browsers. ) for example, let you set cookie rules for
each site you visit.
- 2) Periodically Clear your Cookie
file : If you use Netscape, search for a file named
cookies.txt and delete it. If you use Internet Explorer,
navigate to
C:\Windows\Temporary Internet Files\ and
C:\Windows\Cookies and delete the entire contents
of both folders.
|
Web Bugs
Insidious and more difficult to fight
than cookies, Web bugs are minute, invisable graphics that
load with a Web page. Because Web bugs behave like banner
ads, they provide your computers unique IP address and the
location of the page your looking at to the server that sends
the bugs - but - because you do not see them, you never know
they're there. Web bugs can also identify you by setting
cookies and if you return to the same page later by
retrieving them.
How To Defeat Web Bugs.
Web bugs are basically located in graphics
files. If you disable image loading in your browser, you
won't be bugged, but you won't see any other graphics, either
- and that a trade-off most people aren't willing to make.
But these tricky files can be fooled.
- 1) Stop Cookies first :
Before you try to block the Web bug itself from loading,
you have to disable cookies. You can use the tools listed
in the section above. If you use Intenret Explorer 5.5
you can use a beta tool that lets you block or allow
cookies on a page by page basis. ( I looked for this tool
and it appears it was removed from their site.) I suggest
the Analogx tool listed above if you use IE. Most free
webhosts seem to use web bugs for tracking website
use.
- 2) Use Privacy-protecting Web Proxy
software: Freedom ( from www.Zeroknowledge.com ), Internet
Junkbuster ( from www.junkbuster.com ), and Guidescope
(mentioned above ) are all forms of proxy software. They
block your real IP address from loading the webpage first
to their servers and then to your computer. The drawback:
Using web proxies can slow your surfing.
|
Spyware and Removal Tools.
One thing often not mentioned is free and
shareware programs that add in a bit of a bonus that you most
likely do not want. I am talking about the practice of piggie
backing a type of ad program or internet use tracker in with
the software. Most know about programs like Gator, and
Aureate's offerings that to tracking on the web by the use of
DLL files included within the install process of other
programs. What many do not know is even in the case of many
of these install routines that give you the option to not
install the "free web enhancements" add them to your system
anyway. Even setting them up to use part of your system
resouces to do their dirty work. Removal of some of them will
leave the freeware program in operative or at least crippled
to some extent. So be aware of this before you proceed to go
digging around to remove them. Many of them are stopped by a
firewall that passes the Gibson Research site's Leak Test program
which you can freely download and test your firewall with for
leaks. The next tool is to get a detection and removal tool
for getting these DLL files off your system. By far the one
that seems to work most effectly from what I can see is the Spybot Search and Destroy followed closely by the
Ad-Aware program. Either seem to
deal with most of the problems within a few minutes. I
strongly suggest you consider use of one or the other to remove the problems
and free up some of your system resources, It is one of
the best use of hard drive space you will have.
|
Trojan Horses
Trojan Horses present themselves to the victim
as something worth possessing - such as a small game or an
image file - to mask their true mission: to sneak into a PC
and surreptitiously monitor, control, damage, or steal data.
Trojan Horses themselves may not cause damage, but they let
hackers or spies sift through your PC's files, disable virsus
checking software, or even use your PC to mount a distributed
denial - of - service attacks against another PC on the
Internet. Legitimate sites typically do not use Trojan
Horses. The best way to defeat these is not to get them on
the system. Once there many have to be removed from DOS or
Windows Safe mode as they are set up to start running when
you load Windows.
How To Defeat Trojan Houses
- 1) Use Antivirus Software :
Most tools can detect nearly all Trojan Horses. To
protect against emerging new ones, keep your virus
definition files updated.
- 2) Maintain a Personal Firewall:
A good firewall can protect you even if a Trojan
Horse gets in. Software like www.zonelabs.com firewall, ZoneAlarm,
can tell you if a program surreptitiously lets someone
else view or control your PC's data. ( see the Firewall page or the Link page page for
more information about firewalls and antivirus software.
)
- 3) Don't Open Attachments;
Victims must allow the Trojan horse into
their PC and activate it. Most Trojan horses arrive as an
email attachment, so never open an EXE file until you
know exactly what it does. Then scan the file with a
currently updated anti-virus software anyway, before you
run it. You may also wish to make sure you have the
preview of attachments turned off on Microsoft Outlook
Express or any mailer you may be using, as well as have
your anti-virus software set up to scan your incoming
email. Most of the current crop of anti-virus software
will allow for this option. If you are using or receiving
ZIP files by email you may also wish to check to make
sure your antivirus software is set up to scan these also
before they are opened. Some programs are not set up to
do this by default, and you may need to set these
functions on yourself.
- 4) If you do have a Trojan Horse
: Some Anti-virus software detect but
cannot remove Trojan Horses. Simply Super Software's
Trojan Remover ( www.simplysup.com ) is designed to
rid your PC of sneak attackers. You may also wish to check my Virus-Malware Page for additional choices in removal of Trojans. Before you get to that
point however if you can idenitfy the Trojan you are
dealing with it may be just a matter of restarting your
computer in Safe mode ( F8 when starting Windows ) and
then deleting the file in question. For additional
information here are two virus removal URLs that should
help provide some addition help as well as a Trojan port
use list.
www.antivirus.com/vinfo/ ( Trend
Antivirus - PC Cillen )
www3.ca.com/virus/encyclopedia.asp
(Computer Associates)
trojan_list.html
|
|
