LinkScanner Pro Keeps Your Computer Safe
Track computer exploits and learn how they work through LinkScanner Pro and the Exploit Prevention Labs Web site.
- By Peter Varhol
Ease of Use
1: Virtually inoperable or nonexistent
5: Average, performs adequately
I have a firewall on my network, and my IP address is a non-routable Class
C address that's handed out by my DHCP server. The Windows Firewall is also
turned on. I use an e-mail filter on my POP3 server and Outlook 2007 scans for
junk and malicious e-mail. I have ongoing subscriptions to Norton AntiVirus,
and my virus definitions are always up-to-date.
In other words, I do everything a reasonable person would do in order to keep
their systems and network clean. However, I still get adware, unwanted cookies,
bogus e-mails and even an occasional virus. Part of this occurs because of the
large number of Web pages I scan through on a regular basis. Another part comes
from the variety of applications that I use and review; many of these applications
need access to the network and even the Internet to work properly.
But since I've been running Exploit Prevention Labs' LinkScanner Pro, I'm now
fully aware of every process that's actively sending and receiving data across
the network, sites and exploits blocked, and what sites might be dangerous.
I'm warned of the hazards of visiting various Web pages, and why they might
The LinkScanner Pro console is a marvel of information packed into a small
space. Through separate tabs at the top of the form, I can completely control
how and where my computer goes once it leaves the safe confines of its physical
case. Finding different types of information, as well as configuring the software,
can be done with the click of a tab.
[Click on image for larger view.]
|Figure 1. LinkScanner
Pro's console displays all running processes and highlights those that are
actively transferring data.
Working with LinkScanner Pro
One of the product's key features enables you to scan a site ahead of time to
determine if it's safe, and immediately advance a browser to that page if there's
no problem. If there is a potential or real problem, it will not automatically
go to the page, but it will tell you what the issue is so that you can make
the determination yourself. You can do this from the LinkScanner Pro console,
or through integration with your Web browser (Internet Explorer, Firefox and
Opera are supported). Even if you don't use this feature, LinkScanner Pro will
slide up an unobtrusive window if it detects an issue with a Web page or other
questionable contact with your PC, telling you why you should be wary.
The feature I enjoyed most was the tab that displayed all running processes
and highlighted them whenever they sent or received data across the network.
Even though I do technical work with computers, I don't know what some of the
processes are that Microsoft displays in the Task Manager. It seems entirely
possible to slip one process among many that's stealing data or doing unauthorized
communication with the Internet.
This running process tab is great for looking at processes that communicate
with the network, including when they are doing so and how many bytes they are
sending and receiving. It's given me an excuse to look up some of the processes
that are running to determine if they're really supposed to be on my system,
and what I should do about them if they're not. The LinkScanner Pro software
doesn't provide all of that information, but it does give enough for me to be
careful in my research.
Another tab shows exploits prevented and sites blocked. The "exploits
prevented" information includes the type of exploit, where it came from,
the originating IP address and the port it came in on. If you need further explanation
of what those potential exploits are, simply click on an exploit's name and
it will provide you with a brief description of that issue. Need more? You also
have a link to a more detailed explanation from the company Web site.
Building a Community
As you might imagine, collecting information on exploits from Web sites and
other sources is a long, complex and never-ending job. Exploit Prevention Labs
attempts to leverage the resources of its user community to assist with this
process. As a part of the product installation, users are invited to join the
Community Intelligence Network, a way of sending information on exploits and
sites that host exploits to a centralized database, accessible to anyone.
The company also provides several resources on its Web site for understanding
new exploit techniques and what to do about them. Exploit Prevention Labs CTO
Roger Thompson pens a blog that provides a quick and easy way to understand
and deal with various exploits. And the company also publishes monthly assessments
on new exploits and how they work. Further, the Knowledge Base of exploits makes
for fascinating reading.
LinkScanner Pro is better suited for a more technical audience, rather than
for the average business PC user. It's difficult for someone who doesn't pay
a lot of attention to what happens on their computer to understand what an "Invisible
IFrame launcher" is, for example, which is one of the potential exploits
cited on my list. The sort of information provided by LinkScanner Pro and Exploit
Prevention Labs is more meaningful to someone who takes an interest in what's
happening on their computer and why.
But even people who use computers only because they have a job to do will also
benefit from LinkScanner Pro-not because of the information it provides, but
because of the warnings and blocking of exploits. You don't have to be a rocket
scientist to take advantage of these features without necessarily understanding
what they mean.