Hello there,
I have set up a guide for adding more security. Please leave me a comment on whether this was helpful or not. Formatting and appearance are not perfect yet but will be changed soon.
1. Antivirus – free version is not good enough
2. Passwords
3. Backups – Hardware/workstation
4. Check for running RDP service
5. Avoid unneeded software and uninstall it
6. Setting up your own hardware-based firewall
7. Check if your email address/password and more have been leaked - haveibeenpwned.com
1. Antivirus
Antivirus is needed these days more than ever. There are plenty of free antivirus software developers, but if you want to have „real“ protection I would step away from free antivirus software.
There is good and quite cheap antivirus software including anti-ransomware protection (you highly want this to be a part of your antivirus) and other useful protection.
I can recommend:
- Bitdefender Internet Security (most recent version)
- TrendMicro Internet Security (most recent version)
- Kaspersky Internet Security (most recent version)
Whenever you ask another IT guy about his antivirus preferences, he will most likely name different antivirus software. As long as your chosen antivirus software has all the features you need, it will most likely be good.
For all the antivirus software I know, there is not much to be done after installation and activation. You should check from time to time that it is doing antivirus definition updates, and a complete antivirus scan (once per week) should be fine.
2. Passwords
Please ALWAYS use different passwords on different exchanges and pools. As a pool OP I can say that there are possibilities to convert the encrypted user passwords into clear text. This means a pool scamming people might take your password and email combination and simply try to log in to all known exchanges. Here are some basics:
- Use different passwords on every crypto-related website you use
- Use VERY SAFE PASSWORDS for exchanges. I recommend using a password with more than 12 characters, including the complete range of characters available.
- If you have problems remembering passwords, here is a good trick to get better: create a sentence and then take only the first characters of the words. Here is an example:
- I like cryptos because i think, once in a time cryptos will become great in 2018! becomes „Ilcbit,oiatcwbgi2018!“. Strong password (might need some more capital letters) and easy to remember.
3. Backups
For hardware-based backups I prefer backing up to a NAS (network attached storage) or any other network share. I like network shares as you can „unmount“ them after the backup is done. This can be very helpful against any incoming ransomware attack, as an unattached backup medium won't be encrypted, while an attached USB HDD will be encrypted.
As the backup software I can highly recommend „Veeam Backup Agent for Windows Free“. If you are running Linux you can also use Veeam; they have a version for Linux called „Veeam Backup Agent for Linux free“.
The good thing with Veeam Backup is: once installed and running, there won't be any problems. If there are problems, you might have run out of free disk space or your hardware is damaged.
Please don't forget to create the Veeam Recovery Media. I used a cheap 8GB USB stick for my recovery media. You will need this media as soon as your workstation gets infected, destroyed, suffers hardware damage or anything else. You can restore your complete workstation, including all your personal files, wallet blockchains, emails, internet browser history and everything. You can even restore your workstation to completely different hardware. This feature is called „bare metal recovery“ and Veeam has everything you need.
I also suggest copying your wallet.dat files to another USB drive. I am using more expensive USB sticks as they are better for long-term storage.
Important for your USB-based wallet.dat backups: you must never ever have the stick permanently attached to your workstation. As soon as ransomware or an eraser virus strikes, your stick will be deleted and/or encrypted.
Please ALWAYS use a secure password.
4. Windows only: Check for RDP Service and disable if enabled
A very common and frequently used attack vector for ransomware is the RDP port. On most Windows installations RDP (Remote Desktop Protocol) will be disabled. To check if it's enabled, do the following:
Hit Start, go to Control Panel, go to System, then on the left side click „Remote settings“. On the tab on the far right, „Remote“, check if „Remotedesktop“ is set to not allow any connection. If you need a remote connection to your workstation, I recommend using software like TeamViewer or different remote management software.
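The same check can be done from a PowerShell prompt. This is an added example, not part of the original guide; it only reads the current state, and it assumes an English Windows installation for the firewall group name „Remote Desktop“ (the group name is localized):

```powershell
# Added example: read-only check of the Remote Desktop state on this workstation.
function Get-RdpExposure {
    $tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

    # fDenyTSConnections: 1 = RDP connections are refused, 0 = RDP is enabled
    $deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections

    # The listener port (3389 by default) is stored under the RDP-Tcp key
    $port = (Get-ItemProperty -Path "$tsKey\WinStations\RDP-Tcp" -Name PortNumber).PortNumber

    # TermService is the Remote Desktop Services service
    $svc = Get-Service -Name TermService

    # Is anything actually listening on the RDP port right now?
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

    # Enabled inbound Windows Firewall rules of the built-in Remote Desktop group
    # (assumption: English display name; it differs on other language versions)
    $fwRules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' })

    [pscustomobject]@{
        RdpEnabled        = ($deny -eq 0)
        Port              = $port
        ServiceStatus     = $svc.Status
        PortListening     = $listening
        OpenFirewallRules = $fwRules.Count
    }
}

$state = Get-RdpExposure
$state | Format-List

if ($state.RdpEnabled -or $state.PortListening) {
    Write-Warning "RDP is reachable on port $($state.Port). Disable it if you do not need it."
    # To disable it, run these two lines in an elevated PowerShell:
    #   Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections -Value 1
    #   Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
} else {
    Write-Output 'RDP is disabled and nothing is listening on the RDP port.'
}
```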
5. Avoid unneeded software
Check your workstation for any unneeded or outdated software. If you need the software, PLEASE check for updates. Even WinRAR or 7-Zip can be used as an attack vector. Windows updates are very important: don't forget to properly update your Windows system.
6. Setting up your own hardware-based firewall
If you want to go to the next level of security, I would choose a hardware-based firewall. If you are using a router for DSL or cable, there will be a „firewall“ included. The problem with included firewalls is that once a security breach is found, this single breach can be used to attack a whole range of different internet users. A hardware-based firewall will add proper security to your network infrastructure. I will update the firewall chapter in a few days, including usable and affordable hardware.
7. Check if your email address/password and more have been leaked
I know that the most recent browser versions are most likely doing a "password leak" check on all saved passwords. I advise you to do a quick and free password leak check from time to time on haveibeenpwned.com. Even if your username/email and/or password are leaked, there is nothing to worry about right now. Simply go to the accounts where you are using the same password (best is not to use the same password on every service) and change it asap. If you have received emails about "invalid login" on your email account, you should also check that your password is a secure one. On most webservers/services it is not possible to "bruteforce" your passwords, but attackers might buy an encrypted database containing your email and password. As soon as they have "opened" the complete database they can start to try out which account is worth using for an attack.
The worst thing which could happen is identity theft, which might happen more easily than you expect.
Small example:
A hacker buys a database and cracks it. He then logs in to your email account and notices "paypal/facebook" messages. Even if you did use another password there, they will most likely use "forgot password". After they have captured your Facebook account they might have all the information needed to reset a PayPal password, as most users will most likely enter the "real answers" to the security questions to reset your password on PayPal. As soon as they have hijacked your PayPal, they will have:
Your real
- name
- address
- phone #
- bank accounts
So basically, this is most of the information they need to create online banking accounts. If they have hijacked your PayPal, they could buy digital goods, send them to unknown addresses and your money might be gone.
Feel free to ask if you have any questions. I hope the guide is helpful for some people. I would be happy to receive some feedback.
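The password leak check from this chapter can also be done without typing the password into a website. This is an added example, not part of the original guide, and it goes beyond the web form: it uses the Pwned Passwords range API of the same service, which only ever receives the first 5 characters of the password's SHA-1 hash. The sample response and its counts are constructed so the check can be tried offline first:

```powershell
# Added example: k-anonymity lookup against the Pwned Passwords range API.
function Get-Sha1Hex([string]$Text) {
    $sha1 = [System.Security.Cryptography.SHA1]::Create()
    try {
        $bytes = $sha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Text))
    } finally {
        $sha1.Dispose()
    }
    -join ($bytes | ForEach-Object { $_.ToString('X2') })
}

function Find-PwnedCount {
    param(
        [string]$Password,
        [string]$RangeBody   # optional: pre-fetched response, used for offline testing
    )
    $hash   = Get-Sha1Hex $Password
    $prefix = $hash.Substring(0, 5)   # the only part that is sent to the service
    $suffix = $hash.Substring(5)      # compared locally, never leaves this machine

    if (-not $RangeBody) {
        $RangeBody = Invoke-RestMethod -Uri "https://api.pwnedpasswords.com/range/$prefix"
    }
    # Each response line is "<35 hex chars of hash suffix>:<times seen in leaks>"
    foreach ($line in ($RangeBody -split '\r?\n')) {
        $parts = $line.Trim() -split ':'
        if ($parts.Count -eq 2 -and $parts[0] -eq $suffix) {
            return [int]$parts[1]
        }
    }
    return 0   # suffix not in the list: password not found in known leaks
}

# Constructed sample response (made-up counts) for an offline run
$sample = @(
    '0123456789ABCDEF0123456789ABCDEF012:3'
    ((Get-Sha1Hex 'password').Substring(5) + ':12345')
    'FEDCBA9876543210FEDCBA9876543210FED:1'
) -join "`r`n"

Find-PwnedCount -Password 'password' -RangeBody $sample               # 12345
Find-PwnedCount -Password 'Ilcbit,oiatcwbgi2018!' -RangeBody $sample  # 0

# Live check: leave out -RangeBody. Any count above 0 means: change that password.
# Find-PwnedCount -Password (Read-Host 'Password to check')
```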