Smoothwall Firewall project

Wednesday, 14 October 2009

Building a secure bank account access virtual machine with Windows and Ubuntu

If you use your computer for accessing your bank accounts, and you use Microsoft Windows , you should be very worried at this moment in time if any of the following are not upto date:

1) Your Anti-virus
2) You Anti Spyware
3) Your Trojan detection
4) Your firewall software - all of them including zone alarm
5) You Anti-keylogger

If you don't know what any of the above are, then I recommend you immediately turn off you PC and speak to someone who does, as cyber fraud with Microsoft Windows is currently rampent and on the increase.

Having used Unix/Linux for many years, the above problems are massively reduced on that platform, and I therefore thought of a way to keep my Microsoft user friends safe as well.

So without further ado, here is what to do:

Step 1: Go to the following web site and download a piece of software for Windows, that will allow us to run Linux on top of it, without you having to change anything within Windows. You will need to be administrator to install this.

Virtual Box Downloads

Once you have this installed this we can then move onto the next step.

Step 2: Download a copy of Ubuntu Linux from the following web site. This file is of a type "ISO", you don't need to understand what that is, but we are going to use it to install our new "virtual machine". Note exactly where you store this on your machine, as we need this information later

Ubuntu Linux software

Step 3:

Load your virtual box software and click on the new virtual machine box - there are fantastic documents on the virtual box website to help but I will show a quick graphical install here. You can leave all the settings as defaults, just click next, and you can put the files into your My Document folder:











Just click on Finish and you have the bare bones of your new machine.

You now need to click on the settings button for your new virtual machine, as we are going to tell it where to find it - it's where you downloaded it from the Ubuntu web site.



You will be prompted with another screen , and you just need to select your downloaded "ISO" file. Just click on the ADD button and select the location.



Step 4: Lets test what we have.

Click on the Start button, and your new virtual machine will burst into life, just select your language and the try before install option, and that is it. This virtual machine in it's current state can not be written too, so no bad software can be installed, but it also means you would need to install Flash or Java everytime if your bank requires it. See below.





Step 5:

The next decision is upto you. You can either leave it like this and be super safe, but need to do some work each time you need to access the bank , or you can now install it into this new virtual machine and again only use it for your secure on-line communications, and never download anything apart from security updates to it. The beauty of Virtual box is the fast suspend and resume facility, which makes using this software a breeze.


Now I know for some this may seem difficult, but with a little reading and asking around it is not beyond most computer literate people. The question you really have to ask yourself, is what would you do if someone empties your bank account, how much pain would that cause you?

1 comment:

JR said...

What about if your host OS is corrupted with a key-logger? Won't the key logger be able to access the input anyway (and steal passwords)

And what if your host OS is infected with screen capture...just saying