Securing your computer

[Dark Phoenix Rising]

This thread has been started as a result of a suggestion.

If you have any tips on securing a Windows PC from danger on the internet or for safer surfing, please feel free to post them here.

[Dark Phoenix Rising]

While a lot of information can already be found on the internet about securing your computer from attack, very few people know much about the various ways of achiving this. As such I hope that the following items will help to improve this situation.

---

• Install a firewall
  For those that don't know, a firewall is a piece of software or hardware that will limit the access that other people can have to your computer from their computer, and also the amount of access that your computer can have to the internet.
  
  
  • The windows firewall
    The windows firewall comes pre-installed on all Windows XP machines that were sold after about april last year. As firewalls go this is about as secure as latching your front door when you leave the house. It is however very easy to use, and shouldn't cause any problems.
    
  • Zone alarm
    Zone alarm is one of the better firewalls available for a stand alone computer. It is highly configurable and can also be set to a learning mode. There is a free version available for those that just want the basic firewall, for those that want more there is a professional version that can be paid for. This product can be a little complicated to setup the first time, but once it's running it's almost as easy to use as the windows firewall.
    
  • Norton Firewall
    This is a paid for firewall that should be easy to setup and get working, even for those that are not experianced in doing so. Once it's up and running it isn't quite as good as zone alarm, but it makes up for a that by being easier to understand by those that don't know much about computers.
    
  
  
• Anti virus
  Virus are a fairly common occurance when your computer is connected to the internet, and they can be delivered through a variety of means, such as e-mail, via the internet, and through browsers/instant messengers. As such after a good firewall, the most important thing to have on your computer is some antivirus software. I would recommend going with a product like Norton antivirus or McAfee antivirus as they are both companies that produce antivirus software for general users to use easily and simply.
  
• Anti spyware
  After you have been active on internet for a while you will have picked up a host of little programs who's sole purpose is to either give you ads or to provide someone else with your information. To get round this various companies have produced anti spyware programs that will detect and remove these little programs. I would recommend using more that one, e.g. Spybot search and destroy, adaware, and the microsoft anti spyware (which can be downloaded from their site).
  
• Browser/Browsing
  The first thing I would suggest with regards to your browsing habits is to stop using internet explorer as most of the problem pages on the internet will target this browser due to the a) popularity of it and b) the fact it is made by microsoft. Instead I would recommend using either Opera or Firefox. Both of these are fairly secure browsers that should be able to access most of what you want to see on the internet.
  

[Dark Phoenix Rising]

• EMail and attachments
  With regards to e-mail and attachments, the first thing you should check is who an e-mail is from. If you don't recognise the e-mail address, or the title of the e-mail doesn't seem like them, don't open it until you know they actually sent it to you. If you can, use an internet e-mail account for all of your normal e-mail, and for those addresses you need to supply on the internet. Only give out your non internet account to people you know offline. A good e-mail provider is Yahoo as well as google, however google's e-mail service is invite only (PM me if you want an invite).
  
• keep me posted
  On a lot of signup internet sites you will see 1 or more check boxes that usually read something like "I would like to be kept up to date with new products" or "I would like carefully selected 3rd parties to send me information". After reading what this says, I would suggest always indicating that you do not want the companies to do this. This will generally reduce the amount of spam e-mail that you receive, and also the chances that another company will get your information and misuse it.
  
• Passwords
  You should always try to use a password that is at least 8 characters long and is made up from letters and numbers. Your passwords should also be unrelated to who you are (i.e. don't use your madien name, dogs name, or any other information that you may have to supply anyway), a good way of doing this is number substitution, e.g. password becomes p4ssw0rd, or Family becomes F4m1ly. For the most part this sort of password will be secure enough. If you think you will have difficulty remembering your password, then write it down and keep it with you, however try to avoid putting the information together. e.g. you would write down email = p4ssw0rd instead of joe@yahoo.com = p4ssw0rd
  

This is all I can think of atm, but if you have any questions I'll try to answer them.

[Elliot Kane]

Netscape is pretty good too, in terms of free browsers

[Dark Phoenix Rising]

A backup for my reasoning behind not using internet explorer

[Alrik]

Use the "Windows Update" regularly ! Microsoft has even these days published new patches against severe critical "holes" with the Internet Explorer !

If you don't have MS IEX, then use your's browser's update function anyway. Even Frefox has had its problems in the past.


Interesting read, in general : Sony/BMG and digital rights management - this is about the infamous so-called "Rootkit" that was installed by some CDs from Sony/BMG.

[Dark Phoenix Rising]

IMHO windows update is nowhere near as useful as any of the other items I mentioned, as they will protect your system from the vunrabilities that are in the OS regardless of whether they have been found or not.

[Alrik]

Okay, but without windows update things would be worse. IMHO.

[Dark Phoenix Rising]

I personally run an unpatched windows 2000 PC at home and instead use a decent firewall, AV software, and spyware scanner to stop problems occuring. I also don't use outlook or outlook express for e-mail, rather I use a propriatry program from my ISP or web mail. I have never had a virus/hacking problem that wasn't attributed to a failure of one of those items rather than a failure of the OS.

[Alrik]

I heard rumors that a new variant of Sober is spreading right now.

This was expected, because the German police department knew the date of spreading ( I guess they did some re-assembling or so).

I just read that Pegasus Mail 4.2.x has a security risk. 4.3 is available (it was due anyway), so users are supposed to upgrade to that.

[janggut]

does anyone here subscribe to online shopping? how do u protect yourself when u do so, especially when u shop with your credit card?

[Dark Phoenix Rising]

The answer is that I don't, however I also don't tend to use any site that I don't trust. One of the precautions I do take though is that the credit limit on my card is less than I earn a month, and it's going to stay that way.

[Alrik]

Patch for a hole connected with the mis-use of display of WMF images : www.microsoft.com/technet/security/bulletin/ms06-001.mspx

[Alrik]

Phishing with Google

It's in German and says that Phishing-attacks are used with Google's ability to redirect URLs (links). There are examples.

The link *seems* to go to Google, BUT it has an appendix which lets Google re-direct the actual link towards a Phisher's site.


By the way, could you please make this thread "sticky" ?

[Shan]

dragonlord said:

I personally run an unpatched windows 2000 PC at home and instead use a decent firewall, AV software, and spyware scanner to stop problems occuring. I also don't use outlook or outlook express for e-mail, rather I use a propriatry program from my ISP or web mail. I have never had a virus/hacking problem that wasn't attributed to a failure of one of those items rather than a failure of the OS.

Sounds good to me DragonLord. I do basically the same thing on my Windows machine except I run WinXP.

If I do connect to the Internet with this machine, I do not and will not use Internet Explore. I do not and will not use Outlook or Outlook Express for email. I run a personal firewall and not the one that comes with XP. So far I have never had a virus/hacking problem on any of them.

I use Linux as my main OS and XP for games and some graphic programs I have that I can't run on Linux. For Internet use I use Linux and Firefox. I use Thunderbird as my email client or I use web mail. The same goes here too.
I have never had a virus/hacking problem with this machine either.

Sorry, people, but I think if you use Internet Explore and Outlook or Outlook Express you are just asking for trouble even if you always stay current with the Window updates.

Shan

[Shan]

janggut said:

does anyone here subscribe to online shopping? how do u protect yourself when u do so, especially when u shop with your credit card?

Jags, I shop online a good bit at times.

Like DragonLord I do not buy from sites that I do not trust.
Any site that I do buy from must have a secure checkout.


Plus I have a creditcard that I only use for online shopping and the credit limit is low.

Shan

[Shan]

By the way, could you please make this thread "sticky" ?

Good idea, Alrik. How about it DragonLord?

Shan

[Dark Phoenix Rising]

I'm going to have to watch it on the sticky threads though as a large proportion of the front page is starting to be stickied threads

[Dark Phoenix Rising]

For those that are intrested This site will give you some insite in to how to search for information, and as a side effect how to secure your own online presence

[Shan]

dragonlord said:

I'm going to have to watch it on the sticky threads though as a large proportion of the front page is starting to be stickied threads

DragonLord, I'll see what I can come up with for you a new sticky. Never seen a first page of just stickies before. ;D

Hey, it isn't even half a page yet. ;D

Shan