Security Conscious Operating:

I think the first element in computer security is you, the operator, the person behind the keyboard.  Practice smart computing.  By reading this page, you are taking a step toward becoming a Security Conscious Operator.

Crazy Clickers:

When you visit websites don’t be a crazy clicker.  Sometimes websites want you to install something.  Maybe it’s something good, or, maybe it’s something bad that you will regret later.  Stop for a minute and think about it.  Make sure before you click OK.  Do some investigating first.  If you’re in doubt click NO or Cancel.  When I visit a website and a box pops up asking if I want to install and run XXXX, I usually just click on NO.  The page usually loads for viewing anyway.  Not all websites are on the up and up.  Some site owners are probably getting paid for getting people to install software from ad companies or unscrupulous software vendors.  If the page refuses to load when you click on no, just smile and go to your favorite search engine.  You can usually find several pages with similar information that you are looking for.

Attachments:

I’m sure you’ve heard the phrase “Never open attachments”.  Well there’s a reason for that.  It’s how most computers get infected with viruses and trojans.  If you receive an email attachment from a friend that you’re not expecting, call them up on the telephone or send them an email and make sure that it is something that they meant to send you.  It’s very possible that your friend could be a victim of a virus that automatically resends itself to everyone in your friend’s address book.  So make sure that it is something that they meant to send to you.  Second, check the attached file with an up to date antivirus program.

And NEVER, EVER, open attachments from strangers.  Lately there have even been emails circulating around the internet that claim to be from Microsoft and have an attachment claiming to be a patch or upgrade.  I hope you never open one of these.  The attachment is a VIRUS.  Microsoft never sends patches or upgrades through email.

Trojans:

A Trojan is a program which, if installed on your computer usually allows someone the ability to have remote control of your machine.  You can get a Trojan from opening attachments, or running bootleg software, or possibly from a malicious website.  A Trojan could be a very small slave program on your computer which allows someone with a master program to have control of your computer for whatever use that they want of it.

It could be used in a DoS (denial of service) attack along with a multitude of other computers belonging to unaware users, on another website or server without your knowledge.  Also, spammers using viruses to plant Trojan malware on PCs to provide remote access.  Once the software is installed the PC can be used to send out spam at no cost or risk to the spammer.

“But”, you say, “I’m on a slow dialup connection, so what use could a hacker have for my machine”?  Have you ever heard of identity theft?  Do you have any personal information stored on your computer?  Social security numbers, banking information, credit card numbers?  All of this information would be available to someone with the master program for the Trojan on your machine.

“But,” you say, “I get a different IP address each time that I connect to the internet, so how could they find me”?  The Trojan on your computer would call 'home' when you connect to the internet, or assign itself to a certain port on your computer to listen on.  Lets say port XXXX.  There are port scanners operating all the time on the internet.  Your ISP (internet service provider) is assigned a certain block or range of IP addresses.  It wouldn’t take long at all for a hacker to scan the range of your ISP’s address block and find your machine with it’s little Trojan sitting there with port XXXX open and waiting on a connection.

So you can see, even with a slow dialup connection you are vulnerable to this type of exploit.

Pop up ads:

To block pop up ads you can:

• Use the hosts file or
• Use a program for blocking popups.

Some of the newer browsers have built in pop up blockers.

Home page hijacking:

Your computer being hijacked is usually caused by a program being run on your own computer.  That's right.  It's probably a program that you have installed without even being aware of.  Have you ever noticed that when you go to certain web sites that there will be a box pop up and ask you if you want to install and run something?  My advice to you is to always click "NO", unless you know for sure what it is.  Lots of spy ware and mal (malicious) ware is installed this way.

Another way that you may get this stuff on your computer is from it being bundled in with another legitimate program.  Some free ware and share ware programs have spy ware and mal ware bundled along with the program that you want.  They are unknowingly installed on your computer when you install the program that you actually want.

Computer slow down:

Your computer running very slow and unstable is often caused by the number of programs that you have running in the background.  Take a look at your task bar, next to the clock.  How many icons do you see sitting there?  These are programs that are running on your computer, and chances are that a lot of them do not need to be running all the time.  Every program that you have running takes up resources on your computer.  When your resources get low your machine seems very sluggish and may even crash.

Checking for Mal (Malicious) Ware:

One thing you surely need to do is check your computer for mal ware, and if you have any, get it off of your computer.  I recommend Spybot - Search & Destroy for that task.  Another good program is Adaware.  I use both.  They compliment each other.  Sometimes one will catch something that the other misses.  And be sure to keep these programs updated too.

Spam:

Spam, or unsolicited advertising in your inbox is something that I think would be safe to say, we all hate with a passion.  Everything from box cameras to increasing or decreasing your physical size and dimensions, are shoved down our throats everyday when dealing with email.  I think it would be safe to say that 90 - 95% of all my email is spam.

So how to deal with it?  I don’t want to read it.  I hate sorting through it all to pick out the good messages from the bad.  I set up message rules with my email program to help filter it, but within the last year spam has increased so much, that solution doesn't help me much anymore.  I decided to try a spam filtering program.  There are several out there anymore.  I used Mail Washer for awhile, which is a very good program.  But I decided to try out one of the new Bayesian type filters.  I’m using a program called K9, which is a new program still under development.  K9 is free, and works very well for separating the good from the spam.  In the beginning the program doesn’t know which messages are good and which are spam, and has to be trained.  But the longer you use it the better it gets, and now, I am getting 98.8% accuracy.  I can live with that.

Email Courtesy:

Don’t you just hate it when you go to check your email and it seems to take forever to download, because someone who knows you just can’t resist hitting the forward button on an email with a huge attachment.  You sit there waiting for it to download and then when it does, it’s just a silly picture or executable program for some sort of joke that sometimes isn’t even funny.

Courteous way:

• If you want to send an attachment of any larger size to someone, always send an email first and ask them if they would be interested in it first.

Ever wonder how spammers get your email address?  Well one way is from someone forwarding an email to all their friends.  Just look at the headers in one of these messages and you will see all kinds of email addresses.  Spammers love this and can harvest all the addresses to send spam to.

Courteous way:

• If you want to send an email to several different people, send it to yourself instead and list all the recipients using the bcc (blind carbon copy) feature of your email program.  That way everyone’s email address won’t show in the headers.

Another way that your email address can be harvested is when someone sends you a link through a webpage.  Ever visit a website and see where it says, “Send a link to your friends, just click here”?  Lots of sites harvest the address for a spam list.  Don’t do this to your friends.  You are giving them your friend’s address, plus your own.  Use your own email program to send a link, instead of using the one on the website.

Courteous way:

• Just highlight and copy the link from your browsers address bar and then just paste it into an email to your friend.

Anti Virus programs:

An essential for protecting your computer is a good anti-virus program.  There are several programs available, and some good free ones too.  You must always keep your anti-virus program updated with the latest virus definitions.  New viruses come out all the time so I would recommend checking for updates at least once a week.

Firewalls:

I recommend a good firewall.  With a firewall you have control over what comes into and also out of your computer.  If you are new to firewalls I recommend Zone Alarm.  If you are willing to learn a little, then I recommend a good rules based firewall.  A rules based firewall will give you more fine tuning and control.  Kerio and Agnitum Outpost are a couple of good rules based firewalls.

After installing your firewall visit Shields Up at grc.com or a similar site and run a port test to make sure that your unused ports are closed.

Update Your O/S (operating system):

Another essential is to keep your O/S updated with the latest patches.  Visit Windows Update site regurarly and install the latest critical updates.  If you are using Linux, or running a Mac, be sure to visit their sites and keep them updated too.  Some of the latest virus exploits could have been prevented from escalating to the extent that they did if people had just kept their computers updated with the latest patches for their O/S.