|
Security Considerations Page This is the very short version of what is a far too extensive issue to place on one page. So here are the important points to go over on a sort of security check list.. The first item that should be included in anyones list of security tools is totally free, not hard to find in most cases, - a bit of common sence. Do not use simple passwords on your accounts that can be easily cracked by anyone who can figure out how to run one of the many programs designed to decode someones password using a dictionary list. Always make the password 8 places or longer and ideally make them random letters and numbers so they are next to impossible to decode by any type of preset list. Do not pick fights as it is the quickest way to get someone mad enough to make a project out of looking for a way to get back at you. Watch out where you go. Most know there are just certain places it is best not to be at for safety sake. The same holds true online. If you go to places like Warez and some chat rooms that are know hangouts for those who have nothing better to do than to goof up your computer if they can, you will more than likely provide them with a new target to work on. These three items in and of themselves will go a long way toward keeping you out of trouble online. First off - Never give out any personal information online. Many have come to regret doing so and paid heavily for it. This is not meant to say 99.9% of those who you meet online are not fine but it only takes that one in a thousand people for you to have some major headaches if you do. Make your passwords hard to guess and at least 8 characters in length, ideally a mix of letters and numbers. If you find you are unable to think up a password you may wish to consider a Password Generator Program like this one. Second - Keep as much personal information about yourself to yourself as possible. Public chat rooms and such often have lurkers who have nothing better to to than to look for information on someone. Do not give them anymore than you must to work with. Be wary of free email and sign up offers on even professional looking webpages. At the very least you may find you are getting all manner of email from doing so, most of it junk or Spam. Third - Install a Firewall program. Programs like ZoneAlarm - ( CNET download page as of 8-21-01 for ZoneAlarm Free version ) or go to http://www.zonelabs.com offer free for personal use versions that do fine as far as most peoples requirements, and are easy to set up and use. Want to know more about what a firewall is? Try this offsite link for a better explaination than I can give. However do not stop here, make sure you test your installation! After you have the firewall software installed, and running start up every program you normally would use online. Make whatever adjustments suggested or required to operate the program, and then go and do at least the basic port test on it. There is a good free basic port test at https://grc.com/x/ne.dll?bh0bkyd2 and then use the Probe My Ports button to activate a secure port scan of the basic ports on your machine. You should have Stealth or at least Closed results on all these ports. If not turn off access to all programs that are allowed server access first to your firewall, and try the port scan again. Then keep removing access to a programs until the open ports are closed or Stealthed. If you wish to have more security you may wish to disable the file and printer sharing in Windows. This effectively stops anyone from using many of the files on your system also. So if you do not need these functions , and most do not, you should consider disabling them. On most Windows systems they are on by default. To turn them off see the help section for your version of Windows or you can try the instructions on this link. If you do not wish to use ZoneAlarm see my Helps and Links page for an alternate free download firewall as well as a link to a more extensive port scan once you get past the Gibson Research scan sucessfully. Fourth - Get Antivirus software and keep it updated ! Some do not consider this a security issue. To me however it seems insane not to be considered as one. A good antivirus program correctly set up, and updated with current virus information will go a very long way in protecting you from several possible hazards. That being said I will also add, Antivirus software that has not been updated in the last 30 days to me is useless antivirus software regardless of who makes it. Even with limited memory on a system it should be possible to run a basic boot sector protection and scan any incoming downloads you get. If you do not have antivirus protection due to the cost of the software or updates, there is a very good antivirus program that is free for most people and is called AVGrisoft . I believe the free antivirus is good for all locations outside Europe and is about a 5mb download. See my Helps and Links Page for additional antivirus software downloads. Fifth - Do not open email or instant messenger attachments you did not request from someone. It sounds simple, but it is shocking how many do it. If you do not ask for a program first, do not accept or open it - even from friends! Who knows for sure if they got a virus that is sending copies of it's self using their addressbook! So just explain to your friends that if they wish to send you files to ask first and wait on approval. This also includes image files as some virus files are piggybacked onto what appears to be a normal image file at first glance. If you use a mailer turn off the preview options that opens files for you. Sixth - Go to Windows Update and get your security updates for your Microsoft products from time to time. It always surprises me just how many do not update their Windows Software! If you keep up with doing so, it is not a big job nor does it take a lot of time. Your first visit can be a bit long if you require many updates but after you have gotten over that it is not a big problem and generally speaking your machine works better after you do update. If you do not have the link listed already under - Start - Settings - Windows Update you can try this link ------> Windows Update or go to www.msn.com and then look for the Windows Update link under the from Microsoft section on the lower left of the page there. Seventh - consider a cookiewall or cleaning your cookies daily. The cookie while being a very useful part of internet operation, is also an often abused part of it as well. Cookies can be set to be very trackable and even report back your habbits while online. Both Internet Explorer, and Netscape ( and most other browsers ) have a pretty straight forward process to delete cookies, at the Tool section usually. The fact is both can be set to delete cookies when the browser is closed so you only keep them as long as you are online. Look at the settings or helps for your browser and version. Most however it is Tools, Internet Options, General then you will see a delete cookies or delete temporary internet files buttons there. You may also find the setting to change how long you retain cookies on Tools, Internet Options, Advanced on most browsers. If you find that a problem you might try one of these two options. The program Window Washer from Webroot Software cleans temporary internet files and can be set to do so on a timed basis without your directly operating it. For Internet Explorer users ( and those using browser skin versions of it such as NeoPlanet ) you may wish to look at http://www.analogx.com for a program called Cookiewall which works great with Internet Explorer as well as other software that use the Internet Explorer interface to run such as Kazaa/Morpheus, Neoplanet as well as others. Then you can manage what cookies you accept, keep, and delete. There are a few other programs that may or may not be useful for the same purpose such as Naviscope which you can get from www.tucows.com and then do a site search on your local mirror for the program there. Eighth - Use caution when surfing. Lets face it, if you go to places like Warez you are asking for problems, but it is certainly not limited to that area. Anyone with a good knowledge of webpage design can use Java scripting and CGI to generate a log of who connects and even in some cases send that to them as soon as a new vistor arrives. From this they obtain your IP address and seek to get into your computer. Here is an example on another page I have. Click here for your IP address... In Chat be wary of Private Messages as well as it is in some cases possible to do the same there on some sites. On HTML based chats it is often possible to just read IP addresses openly. Places like mIRC are havens for many who amuse themselves messing with people who wander in on them. So use a bit of common sence. If you do happen into areas like that from time to time, drop your connection and reconnect so you reset your IP address on a dial up. These few tricks will go a long way to stopping people from messing with you. In Closing.... Below is also a sample of the information that is discovered without too much effort. This is a very common and reasonably safe script, but there are some that are not so safe that are available as well. So you need to take some steps to protect yourself while you are online. Below is your browser and operating system information.
|