Internet Security

 

There has been a lot of media attention recently about how easily your computer may be infected with viruses, worms, Trojan horses or spyware, often without you knowing about it. For example, Spyware or adware are relatively new programs that typical anti-virus applications do not detect.  How would you know if you have any of these pests on your system?  Answer the following questions. Is your computer running really slowly?  Do you see strange new toolbars in your Internet Explorer (IE)?  Does your browser crash often, or has your browser start page changed suddenly?  Do you or have you used any of the popular peer-to-peer programs (P2P) such as LimeWire or KaZaA recently?  If so, you probably have some type of spy or adware on your computer. Even if you do not notice anything unusual, you may be infected because a lot of spyware is silent.

 

Here are some tips for safeguarding your computer and protecting your computer from attacks.

 

1.   Always make sure that your operating system (OS), virus protection program, e-mail, and instant messaging (IM) programs are up to date. The reason for this is that many vulnerabilities on these programs are fixed through periodic patches. Many of these programs have automatic update features and it is a good idea to turn these on.

 

 

2.   Use a personal firewall. This is especially important if you are connected to a cable modem, DSL or wireless Internet service. Most XP users by now have downloaded the biggest upgrade Microsoft has offered so far. The Windows XP Service Pack 2. SP2 is a totally free upgrade designed to combat the recent onslaught of viruses and worms targeted at Windows users. Among the changes made in SP2 is a default firewall which is turned on as soon as the upgrade is downloaded. If you have not already done so, it is a good idea to enable Microsoft Windows Auto-Update which automatically downloads the latest security patches.  However, most experts believe that these changes may still leave you vulnerable and recommend getting a more secure commercial firewall.  However, if you can’t afford one, a number free firewall downloads are available at www.free-firewall.org. Most experts suggest setting the personal firewall to at least the medium level of security.

 

3.   In addition to a firewall, buy anti-virus software, such as Norton AntiVirus, McAfee VirusScan or ZoneLabs Security Suite, and keep the subscription current. Although these programs can be set to automatically check for updates, many subscriptions need to be renewed every one to three years. If you have not done so recently, check now to make sure that your virus software is up to date. Note that software vendors will never send you patches via e-mail. If you get e-mail pretending to be a patch from Microsoft or any other vendor, delete it.

 

4.   In addition to checking your computer, your virus program should be set to scan your e-mail and IM as well, Speaking about e-mails, you should be very leery about any and all attachments, especially ones with a .exe, .com or vbs extension. Unfortunately, in this day and age, if you don’t know where or who your e-mail is coming from, you should delete it before opening it. Note that a virus or worm can be transmitted through your e-mail either through attachments or embedded scripting on the e-mail message itself.  A good way to protect yourself from embedded codes within text is to read all e-mail through plain text format. You can easily change this in your preferences file.  If you are using Outlook Express, a good way to add further protection is to open Tools and then Options and then click on the Security Tab. Click on the “Restricted sites zones” button and adjust the setting to high.

 

5.   Many e-mail programs also have protection against Spam, but often you need to turn this on. For example, on Outlook 2003, select Actions-Junk e-mail options. You will see 4 radio buttons with various levels of protection. I would suggest using level High, which filters almost all junk mail and placing these messages into a folder. Since these program are not perfect, you should periodically review this folder to make sure legitimate e-mail is not filtered out.  If you have some recipients or domains that you are absolutely sure are safe, you can add these to the “Safe Lists” and they will not be filtered at all.

 

6.   If you do get Spam, never respond to it, or send in a “remove me from the list” response. All this does is lets the spammer know that your e-mail address is active, and that you are routinely checking it. More often than not, this will simply get you more Spam.

 

7.   One of the relatively new threats with e-mail is called “Web Beaconing.”  This is a way that spammers know that you have opened their e-mail through the use of a small picture embedded on their HTML formatted message, and send private information about you and your system.  A simple way to avoid this is by setting a security option that does not allow your program to automatically download pictures or HTML content. You can also set your e-mail program to not open any pictures or HTML on e-mail messages (e.g., it only opens the text).

 

8.   Consider getting two or more e-mail accounts. Keep one private for your friends family and close colleagues and one that you use for more public purpose. In this way, if you public e-mail account becomes corrupted or inundated with spam, you can easily get rid of it and start up another one. 

 

 

9.   If you surf the internet a lot, if you can, avoid using Internet Explorer (IE) altogether. Because of its wide spread use, it tends to be a popular target for hackers and adware programs and is probably the most vulnerable browser at this time.  In addition, for most PCs, IE is integrated with the operating system, which increases the vulnerability of your computer. The best alternative is probably Firefox which you can download for free here http://www.mozilla.org/products/firefox/?en-US&act=1.  Other options are Opera or Netscape and if you are a Mac user, you can also use Safari. If you must use Internet Explorer set the security settings to high. Although this will disable multimedia features of many Web sites, it will block a main path that intruders use to infect you. To set IE security to high from a PC, go to Tools, Internet options, and Security settings. From a Mac, go to the preferences, and then security zones options. 

 

 

10.                 Speaking about Mac users, it is widely known that Macs are far less vulnerable to outside attacks than PCs, although this is probably less true now than with the older Mac OS.  There are many reasons for this, but the major one is that hackers want to get the most “bang” for their effort, and Mac users are a very small minority. I’m a long-time Mac (and initially Apple II)  user myself.  If you can’t or don’t want to change to a Mac for everyday use, consider buying and using a Mac for e-mail, P2P, music and internet browsing and use a PC (which you never connect to the internet) for all of your other computer purposes. Another option would be to have two PCs (or two Macs) and use only one for internet or e-mail.  With the cost of computers being relatively low these days (my first computer cost $10,000.00!), I think it makes a lot of sense at least for some “at risk” and vulnerable professionals (small business, lawyers, doctors, psychologists, etc.) to do this.

 

11.                 We have all heard a million times the reasons why we should back up all of our important documents and folders at least once a month, but how many of use really do so?  Many programs are available that do this automatically and the slackers among us should make use of these. In addition, protect your files or computers with complex (alpha-numeric passwords) and periodically change these (e.g., every 30 days).  Do not use any words found in an American or any foreign language dictionary or a proper name for your password because these are more vulnerable to common password crackers.  As an alternative, think of a phrase that is easy to remember e.g., early birds get the worm, and use the first letter of each word as your password, preferable with a number in between and a combination lower case and caps (EbGt52w).  Also, when first logging on to your computer, do so as a “user” rather than an Administrator which makes it more difficult for a hacker to download and install a devious program on your machine.

 

12.                 Don’t give or e-mail your passwords to anyone, and don’t “post” them on your computer screen.

 

13.                 When surfing the internet, control your “cookies.”  These are bits of information that web sites store on your computer either temporarily or sometimes for years at a time. They may include passwords or user IDs.  In some cases these are useful because you don’t have to keep retyping them every time you load a new page at the site that issued the cookie. However, cookies can be used to track your visits through a Web site, determine the time you spend there or collect other information about you. Some of these are used only by the site that you are visiting, but often these are marketed to other sites as well.  Virtually all browsers let you control what, which or if any cookies are stored on your computer. These can usually be found under preferences and then under the security options.  You can also clear these at any time.  In many cases, it is a good idea to turn the cookies option “off” while surfing the net. Some browsers or programs warn you when cookies are loaded on you computer.

 

14.                 Turn ad “pop-ups” off.  This can usually be done from the preferences options of your browser program,. If your browser does not allow this, many programs can do this for you.

 

15.                 Many internet security problems can be greatly reduced by turning off (disable) Active Scripting, Active X control, Java or java script on your browser. Note that doing so will probably have an impact on some of the sites you visit, but you can easily turn these back on if you need them.  On Netscape, this is done through the “Advanced” settings of your preferences.  With Firefox, this is done through the Web Features section of preferences.  Note that turning off ActiveX on IE may interfere with Windows update so you should turn “Automatic updates” on.  Also, with IE, consider using the high (most secure) security level zone. Again, you can easily change this when or if you need to do so.

 

 

 

 

 

Links

 

A detailed and very useful guide for internet security can be found at the SANS Institute here:

http://www.sans.org

 

 

For detailed information about spyware, go here: http://research.pestpatrol.com/

 

A good program that detects and eliminates most of spyware is Spybot S&D. You can get it free here:

 

http://safer-networking.org/en/spybotsd/index.html

 

Another useful spyware program is called Pest Control. If you think you may have a problem with spyware, go here for a free scan

 

http://www.pestscan.com/

 

If you use a Mac, Internet Cleanup is a useful spyware and adware program. You can get information here:

http://www.allume.com

 

Information about Zonelabs can be found here:

http://www.zonelabs.com/store/content/home.jsp

 

 

Other commercial programs can be found here:

 http://www.pcsecuritynews.com/

 

or http://privacy.net/

 

A lot of freeware for virus protection and spyware is available online. For example, check out http://www.cdnet.com/software/ or do a search on google. On the other hand, a lot of freeware or shareware itself is designed to spy or collect information about you so you have to be very careful. Many commercial programs such as Lavasoft (http://www.lavasoft.de/) can detect these attacks.