Essential Computer Software

These are just quick links to help me maintain software on various computers, some for business and some personal. Sorry if it's a little cluttered, but it's helpful to have it all in one spot. The version numbers are for personal reference and not frequently updated- expect newer versions to be available. All software is free and most is Open Source.

All:
Firefox (who cares about the version anymore - web browser [mirror])
Thunderbird (email client [mirror] - see release schedule)
Java
Flash

Windows:
Audacity (2.0.5 - audio editor)
GIMP (2.8.10 - Photoshop alternative)
LibreOffice (4.2.2.1 - Microsoft Office alternative. LibreOffice should be considered an update to OpenOffice 3.3.0 as many of the developers have migrated)
PuTTY (0.63 - secure terminal)
WinSCP (5.5.3 - secure ftp based on PuTTY)
VLC (2.1.3 - media player)
IZArc (4.1.6 - file compression - supports most formats)
Adobe Reader (11.0.6)

Security Related:
AVG (antivirus)
Avast (antivirus)
HashCheck Shell Extension (2.1.11 verify checksums and hashes from Windows Explorer)
S.M.A.R.T. Monitoring Tools (5.41 - hard drive pre-fail detection)
Nmap/Zenmap (6.45 - port scanner)
Wireshark (1.10.6 - packet sniffer)
SyncBack (3.2.26.0 - backup software)

Optional:
Google Earth
Pidgin (2.10.9 - multi-protocol IM client - changelog)
xchat (2.8.6 - mirc alternative chat client) [alternative builds]

Exact Audio Copy (EAC) (0.99pb5 - recommended for perfect rips.. see below for settings)
Lame 3.98.4 (mp3 audio encoder - current recommended version for EAC and other apps.. see below for settings)
ImgBurn (2.5.1.0 - cd/dvd burner great for iso files)
FinalBurner (2.24.0.195 - cd/dvd burner)
Burrrn (1.14b2 as of 8/26/2007 - burns music cds from audio files)

Other:
NVIDIA display drivers

Firefox Extensions/Themes:
Adblock Plus

NoScript (can be annoying until you whitelist common websites, but great if you accidentally load a risky website)
Search Engine Security (Criminals use fake search results which sometimes use multiple re-directions before arriving at the payload site, and they often they check the referrer to interfere with malware analysis. This plugin tries to forge the referrer which might trick some of the bad websites into thinking that you're a security researcher. If enough people use this, criminals might be less picky about checking the referrer, which should make malware analysis easier by the security industry. In the mean time this plugin should offer additional protection by making the URL strings look different from what the criminals are expecting and thus offer increased protection for your network.)
PDF Download (with all the recent PDF drive-by browser exploits, this plug-in which intercepts PDF files asking what you want to do with them may provide an additional layer of protection, although this doesn't appear to always stop them from loading)
User Agent Switcher (loads broken websites that only know IE and Netscape)
JSView (view CSS/JS files from any webpage)
Greasemonkey (does nothing by itself.. needs additional scripts for each site. Absolutely essential for one website I use, totally useless for others.. depends on the site)
ReloadEvery (if you need to keep reloading a web page.. eg to stay logged in)
FoxyProxy (proxy switcher)
IE Tab Plus (for broken webpages)
Phoenity Classic (one of my favorites for FF3)


Settings to Harden Adobe Reader:
Malicious Adobe Reader/Flash files are one of the most common drive-by attacks used to compromise computers. Other than keeping your software updated, these settings will harden Adobe Reader against all attacks including 0-day exploits that have not yet been patched. These changes are highly recommended because they offer significant security improvements while having minimal impact on most legitimate uses of the software.

1) Open tools -> Preferences
2) Change the following settings under the following categories:
Internet: Uncheck "Display PDF in browser". This will force a prompt to appear rather than having it open automatically. This will help prevent unexpected automated attacks. If you're not expecting a PDF because you were exposed to a drive-by exploit, you will now have the option to cancel opening the document before it even gets a chance to inflict harm.
JavaScript: Uncheck "Enable Acrobat JavaScript". Most exploit PDFs need this enabled.
Trust Manager: Uncheck "Allow opening of non-PDF file attachments with external applications". This is a stupid default to have enabled considering that Adobe allows executable files to be embedded into PDF documents.


EAC Settings for Perfect MP3 Rips:
Extract Lame from the link above and copy this into EAC's manual encoder settings. Adjust the -V quality # and the version used in the comment as appropriate (# should be 2-3 for transparent rips on most hardware and 4-5 for portable mp3 players). If you need better, I recommend a lossless format like flac instead of mp3 or you'll end up with the worst of both (eg large+lossy instead of large+lossless):

Lame 3.98.2+: -V# --pad-id3v2 --ta "%a" --tt "%t" --tl "%g" --ty "%y" --tn "%n" --tg "%m" --tc "Lame 3.98.2 -V#" %s %d
Lame 3.97 (not recommended): -V# --vbr-new --add-id3v2 --pad-id3v2 --ta "%a" --tt "%t" --tl "%g" --ty "%y" --tn "%n" --tg "%m" --tc "Lame 3.97 -V# --vbr-new" %s %d

For more information about why these are recommended settings, please see the Hydrogenaudio Forums. My commands above differ only in that they offer more detailed ID3 tagging than Hydrogenaudio's guide.