This page will attempt to explain items in detail about security issues one needs to be aware of online. It is not however an end all authority nor is it intended to be. It is just a bit more extensive version of what everyone should be very aware of while on the internet. Before we begin it is important to note there are JAVA scripts on this page and the links from this page that can be viewed as possible security risks. I assure you they are not but are there with the intention of showing you an example of what someone can do with the correct tools.. All for you to avoid this ---> .

Even at this the first real item that should be included in anyones list of security tools is a bit of common sence. Do not use simple passwords on your accounts that can be easily cracked by anyone who can figure out how to run one of the many programs designed to decode someones password using a dictionary list. Always make the password 8 places or longer and ideally make them random letters and numbers so they are next to impossible to decode by any type of preset list.  Do not pick fights as it is the quickest way to get someone mad enough to make a project out of looking for a way to get back at you. Watch out where you go. Most know there are just certain places it is best not to be at for safety sake. The same holds true online. If you go to places like Warez and some chat rooms that are know hangouts for those who have nothing better to do than to goof up your computer if they can, you will more than likely provide them with a new target to work on. These three items in and of themselves will go a long way toward keeping you out of trouble online. If you find you are unable to think up a password you may wish to consider a Password Generator Program like this one.

First off - Never give out any personal information online. Once your personal information is out on the world wide web, you are not going to be able to get it back. So if you let any Genie's out of any bottles chances are if you have directly to your name, it is going to be very hard to get them back in it and fully hidden. While by and large the internet is about like any other cross section of people, you have to be aware in many cases in such public forums as chatrooms, you could well be talking in from of some people you may or may not feel comfortable in real life. The use of some restraint is called for on your part as this is in my opinion the single most prudent step in protecting yourself. Indeed many have come to regret allowing their name phone number, mailing address, street address or other personal information get into the wrong hands and paid heavily for it. This is not meant to say 99.9% of those who you meet online are not fine but it only takes that one in a thousand people for you to have some major headaches if you do. No amount of hardware or software can fully make up for a lack of common sence on your part in this matter. Also just because it is a from on a website does not make it safe either. Anyone can make a webpage and it can look very offical. As someone who has had to contend with a "cyber stalker" of sorts already, it is important you realize caution is not a bad thing online. If you keep that single point in mind before you venture on you will have taken a lot from this page already.

Second - Be a bit wary with the sending of your email address to sites. Many ask for your email address or want you to sign up to do this or that. Often times the very agreements you are clicking on Yes to accept are signing away all your rights to privacy! Like many things there are few free lunches online. Most of these free offers come with some downside attached to it. Email severs send you unsolicited email, and may even send your information to other sales and marketers. So avoid these problems if you can by making an email on a server that is web-based and not your normal email. That way if you need to submit an email to someone it can be your junk mail box and not your normal mail. Even with these precautions, you will get more than enough junk mail or Spam. Once your information is out there, again it is next to impossible to get it removed from everywhere it can be sent to. I often suggest to new user to set up a "junk mail box" off on a free email site. Then when you are asked for an email address you can send them to that site, and check it only to the extent you wish to. Almost all major search engines allow for at least webbased email.

Third - Install a Firewall program. Programs like ZoneAlarm - or go to http://www.zonelabs.com offer free for personal use versions that do fine as far as most peoples requirements, and are easy to set up and use. Want to know what a firewall is before you install it? Try this explaination which is better than I could write personally. Click here to open the page about firewalls on an offsite link.  If you want more firewall features the ZoneAlarm Professional version is also a good buy and a highly rated program in every way. In fact I believe the ZoneAlarm Free version was rated the #1 freeware program, and the ZoneAlarm Professional was rated the best ( software based ) firewall by PC Word. There are many other fine software based firewalls available as well. Some are free some are not. It is not hard to locate other choices you need only go to any search engine and type in Firewall , or most any software download site will also list firewall downloads. I tend to suggest free products myself as most do not need to spend a great deal of money to have a reasonably good result, and frankly the free ZoneAlarm firewalls is perhaps the easiest to set up and use of any I have tried. Others I have seen work well are the Sybergen Secure Desktop firewall as well as Tiny Personal Firewall. Be wary of demo versions that will leave you without a firewall after 30 days. Regardless of which product you use, if it is a freeware firewall, retail software firewall , or even a hardware based firewall it is VITAL you test the firewall for open ports. There are a few good sites available for this purpose such as the Steve Gibson Research Site which allows you to port scan your firewall using their Shields uplink shown with a link on the picture. ( https://grc.com/x/ne.dll?bh0bkyd2 ) This is a good place to start your port scan but it is not a one time tool to use. Keep in mind also that when you first install the firewall it is a good idea to test the ports early on but also again after a few days of being online so other programs that may not always be used have had a chance to also be run. The goal of course being to test the ports with the programs you are going to be using all configured into the firewalls settings. You should also do at least the basic retest of your firewall every few weeks to a month depending on how much you are online. Even at this it is best to an extended port scan after you have passed a few of the scans done by the Steve Gibson Shields up test site. For this other sites like Security Space work well. You may also try Hackerwhacker but they only allow you one scan and after that it requires you purchase their service.

If you wish to have more security you may wish to disable the file and printer sharing in Windows. This effectively stops anyone from using many of the files on your system also. So if you do not need these functions , and most do not, you should consider disabling them. On most Windows systems they are on by default. To turn them off see the help section for your version of Windows or you can try the instructions on this link.

One last thing to mention is if you are strapped for memory, a firewall will take about 6 to 8 mb of memory on the computer. I however feel that is more than worth the trade off. I would also not suggest you turn off any alert box popup options until you observe the firewall for a week or more with your normal operation. There is one little thing else to consider is getting the little IP Agent which will give you your IP address on demand, as well as give you a link to the Shields Up page and start the testing. All you need do is download it, and make a shortcut if you wish to your desktop. I would also suggest you try the Leak Test program offered by Gibson Research as well.. Want more complex firewall protection, you can look for products by makers like 3Comm and Sonicwall for hardware based firewalls.


Fourth - Get Antivirus software and keep it updated ! Some do not consider this a security issue. To me however it seems insane not to be considered as one. A good antivirus program correctly set up, and updated with current virus information will go a very long way in protecting you from several possible hazards. That being said I will also add, Antivirus software that has not been updated in the last 30 days to me is useless antivirus software regardless of who makes it. Even with limited memory on a system it should be possible to run a basic boot sector protection and scan any incoming downloads you get. If you do not have antivirus protection due to the cost of the software or updates, there is a very good antivirus program that is free for most people and is called. I believe the free antivirus is good for all locations outside Europe and is about a 5mb download. As far as the best Antivirus according to the ratings and buzz at the time this was written, Panda Security did the best at detecting and removing viruses in a recent test by PC Word. I believe it is about $60.00 (us dollars) Others that are worth mentioning are PC Cillen as well as Computer Associates e-trust software Antivirus offering. Regardless of which you choose, just be sure to update it on a timely basis. Some programs have automatic update features that will check when you are online others you need to manually choose update. Also it is very important to provide yourself with a recovery and boot up diskettes as per the antivirus makers instructions. So which ever you install be sure you have the materials on hand to make the needed boot/recover diskettes. ( some like Norton my require four or more diskettes, most take one or two. ) It is also a good idea to have a set of DOS boot diskettes if you are using a Win95/98 machine and whatever boot diskettes are required for Windows ME/ 2000 as well. Needless to say keep your recovery CD Rom or Windows CD in a safe place as well and have the serial numbers for it with the CD. )  While I do not believe online virus scanning can compare to real time protection software on your computer you can also find online virus scanning if you get caught without antivirus protection. Of these I suggest http://housecall.antivirus.com/housecall  clicking on this will start the scan in a new browser window.

Fifth - Do not open email or instant messenger attachments you did not request from someone. It sounds simple, but it is shocking how many do it. If you do not ask for a program first, do not accept or open it - even from friends! Who knows for sure if they got a virus that is sending copies of it's self using their addressbook! So just explain to your friends that if they wish to send you files to ask first and wait on approval. This also includes image files as some virus files are piggybacked onto what appears to be a normal image file at first glance. If you use a mailer turn off the preview options that opens files for you. If you use a mailer such as Outlook Express, be sure you have it included in any virus scans as well as know how to set the security settings on it. ( Tools, Options, Security ) There is a provision to accept or not accept attachments. It is also very wise to go to Windows Update and make sure you have the security patches installed for both your browser and mailer if you are using Microsoft products that is. Most larger email sites scan email for you also but you may wish to check to be sure before you assume it is the case.

Sixth - Go to Windows Update and get your security updates for your Microsoft products from time to time. It always surprises me just how many do not update their Windows Software! If you keep up with doing so, it is not a big job nor does it take a lot of time. Your first visit can be a bit long if you require many updates but after you have gotten over that it is not a big problem and generally speaking your machine works better after you do update. If you do not have the link listed already under - Start - Settings - Windows Update you can try this link ------> Windows Update or go to www.msn.com and then look for the Windows Update link under the from Microsoft section on the lower left of the page there. Once you arrive on the site, you should see either a "Product Update" link on the left side or on the main part of the page. Click on either and it should start checking your system for installed updates. If you do not have the update installer it may ask to download and install it first ( at which you are pretty safe to say yet to by the way ). Then after a few seconds to a few minutes depending on your connection speed, it will send you a page of updates. They are always listed Critical updates first, then Recommended Updates, then Suggested updates. You should generally always get Critical updates. These are often already checked for you in the order they should be downloaded. If you have not updated your Windows Software before, it may be a long process to get all the Critical updates. However generally once you catch up with the updates it is not a big job to keep up with them. You should however check back at least monthly.

Seventh - Consider a cookiewall or cleaning your cookies daily. The cookie while being a very useful part of internet operation, is also an often abused part of it as well. Cookies can be set to be very trackable and even report back your habbits while online. Both Internet Explorer, and Netscape ( and most other browsers ) have a pretty straight forward process to delete cookies, at the Tool section usually. The fact is both can be set to delete cookies when the browser is closed so you only keep them as long as you are online. Look at the settings or helps for your browser and version. Most however it is Tools, Internet Options, General then you will see a delete cookies or delete temporary internet files buttons there. You may also find the setting to change how long you retain cookies on Tools, Internet Options, Advanced on most browsers. If you find that a problem you might try one of these two options. The program Window Washer from Webroot Software cleans temporary internet files and can be set to do so on a timed basis without your directly operating it. For Internet Explorer users ( and those using browser skin versions of it such as NeoPlanet ) you may wish to look at for a program called Cookiewall which works great with Internet Explorer as well as other software that use the Internet Explorer interface to run such as Kazaa/Morpheus, Neoplanet as well as others. Then you can manage what cookies you accept, keep, and delete. There are a few other programs that may or may not be useful for the same purpose such as Naviscope which you can get from www.tucows.com and then do a site search on your local mirror for the program there.

Eighth - Before we start topic eight, I have placed the next few items here as much for food for thought as anything. I am not stealing your IP address, or anything along those lines. These both are pretty commonly downloadable scripts with real practical uses. However they are here to show you an example of what can be done with scripting in the wrong hands. I can only say my use of these scripts does not send or log any data for me. The only data obtained by the use of this site is also available to you at the site stats on the entrance page (Geocities only) . The scripts on this page are stand along and are not linked to CGI scripts that would send me your address or other information. They are here to prompt you to use caution when surfing. Lets face it, if you go to places like Warez you are asking for problems, but it is certainly not limited to that area. Anyone with a good knowledge of webpage design can use Java scripting and CGI to generate a log of who connects and even in some cases send that to them as soon as a new visitor arrives. From this they obtain your IP address and seek to get into your computer. Here is an example on another page I have. Click here for your IP address... In Chat be wary of Private Messages as well as it is in some cases possible to do the same there on some sites. On HTML based chats it is often possible to just read IP addresses openly. Places like mIRC are havens for many who amuse themselves messing with people who wander in on them. So use a bit of common sence. If you do happen into areas like that from time to time, drop your connection and reconnect so you reset your IP address on a dial up. These few tricks will go a long way to stopping people from messing with you.

Close this page to return to the menu

Printing instructions - Additional Suggested Reading....

Text version - right click select all, save to notepad then select file then print

Eyes on Spies Page

Close This Browser Window


11-12-2002 © Joanna (aka easy_2_confuse_gt ) - 2001 -2002