dstiles - 10:03 pm on Jan 6, 2010 (gmt 0)

Safe browsing:

Firefox with NoScript and turn off ALL javascript, iframes, redirects, PDF, Flash and pretty much everything else UNLESS you know the web site very well, and even then treat with extreme caution.

For preference get a Linux machine for browsing. It's not virus-proof but Windows is far worse and is not updated with patches anywhere near as often as (eg) Linux Ubuntu - bug fixes are introduced as and when, not three weeks later. And please don't say Apple is safe from viruses - it's at least as vulnerable as Windows now! Ditto some "personal" tools such as phones.

Do NOT trust AV software. It can get rid of quite a lot but a) it needs to know the latest virus that was only launched ten minutes ago; b) it can be disabled by a virus (that's as of several years ago); c) it can produce false positives; d) you probably haven't got it connected to your web browser anyway.

Google uses (used?) a third party service for virus detection that is only as good as the AV detection system it uses; see above.

Visit the zdnet security blog (which I've been told before I mustn't link to but which is an absolute MUST read) and review it at least daily. A short while ago I posted hereabouts details from a zdnet article giving the number of virus sites that google was listing; I forget how many now but it was a LARGE number.

Web sites:

Ensure you do NOT use web browsers on your server, nor email tools, either of which can get your server infected. Ensure your username and password are VERY good (12 alpha/numeric/symbol characters). Only use SSL-protected FTP with good passwords (and never anonymous). If you use SSH then be very careful: I had it enabled for an hour on a server and got hit thousands of times with hack attempts in that time. Keep an updated AV running on a regular schedule with emailed reports. Lock down IIS servers VERY carefully. Keep the software updated with the latest patches. I accept many web site owners cannot manage all of the above but ask your hosting service what THEY are doing.

One thing I have learned, as a web site designer and hoster, is that most site owners seldom actually look at their sites.

Blogs and forums are prime targets for planting virus links and again, many blog owners never monitor them or simply get bored and go away. If you have a blog or forum, keep the software up to date and run it moderated if possible.

General:

The tendency of botnet owners now is to spin off new domains at the rate of hundreds a day and switch them around whenever one is killed by (eg) google or the server's owner. The domains are usually aimed at compromised servers so watch out for any suspicious files on your server and keep an eye on (eg) IIS Manager for unexpected domains.

If you run a DNS server ensure it is safe.

And so it goes. Keeping a server clean requires continual vigilance. Ridding it of viruses can take days and lose you trade and customer confidence.