|
|
 |
|
|
|
|
|
|
The only way to have a
totally secure computer is to never install any programs other than what
came with it. Never put a floppy disk, CD, memory card, and any other
removable storage device or media in or on your computer that has come
from another computer. Never connect to the Internet. This is not
practicable, what did you get the computer for?
When you connect to the Internet, your computer is actually connecting
to more than a billion other computers. Any one of these could get your
bank account numbers, credit card account numbers, and personnel
information if it is on your computer. If they get enough information,
they could drain your bank accounts, charge items to your credit card,
and even apply for credit cards using your information. These types of
crimes are rising at an alarming rate and simply following some of these
precautions could decrease your vulnerability.
The idea is to not make it easy for anyone to access your computer, and
a simple software “firewall” can do this. Most “hackers” will simply
move onto a simpler system to get into. The exception to this would be
if someone was determined to get into your system for some specific
reason. Any security measure can be defeated. The deciding factor will
be how much time someone is willing to commit to do this.
Security software and/or devices can be as inexpensive as $50 and cost
upwards to over $5000. How much is it really worth to you?
Types of Threats; Viruses, Worms, Trojan Horses, and Spyware programs.
Most of these programs will slow down your computer to some extent and
some may make it so slow that it appears that the computer “locked up”
(unsophisticated programs by inexperienced “hackers”). The “infections”
are installed onto your computer without your knowledge through the
Internet. Viruses and Worms are usually malicious, that is, they can
“steal” some of the memory in your computer, make certain functions or
programs not work, display messages intermittently on your screen, and
these are just a few of the problems you could have. Trojan Horses and
Spyware are more sophisticated programs that usually will not interfere
with the operation of your computer. Whomever put them there does not
want them detected because it gives them access to your computer using
the Internet. There are legitimate venders for this type of software and
it is used legally (with a warrant) by Police Departments, FBI, and CIA.
Some of these can be “programed” to “listen” for certain keywords such
as password, account number, sex, porno, login, etc. These words could
either be displayed on the screen or typed by you and they would
“trigger” the Trojan Horse or Spyware to copy this information and then
send it to whomever installed the program, without you ever knowing it.
Basic Precautions;
1. Make sure your operating system (Windows 98, Windows ME, etc.) is up
to date with all “bug” fixes, patches, and updates. These are readily
available from Microsoft at www.windowsupdate.microsoft.com, however,
they are large in size and only practical to download if you have a high
speed connection. They are also available for slower connections by
ordering the CD.
2. Make sure any virus protection software is kept up to date with new
virus definitions. Vendors of this type of software have these updates
available when new viruses are detected, but some require an annual fee.
3. Schedule backups of all information that is important to you. Do this
on some sort of schedule and have the backup placed somewhere other than
the computer itself. (Do not have the backup on the hard drive of the
particular computer, but on floppy disks, CD’s, or magnetic tapes.
4. Do Not download anything from the Internet unless you are sure of the
source. Any web site which installs software on your computer allowing
others to “share” music, videos, pictures, etc. should be avoided. Kazaa
is a well known site for viruses and pornographic material. Avoid any
program which automatically check the Internet for “information” without
your permission. Some web sites to be extremely wary of are “Webshots”,
“Bonzi Buddy”, and similar web sites. Exceptions to this would be
updates from Microsoft and new virus definitions from McAfee or Norton.
5. Do Not open attachments from anyone unless you now the sender and are
expecting the attachment. Delete these from both your “inbox” and
“deleted items” folders.
6. Your personnel login name, screen name(s), and e-mail names should
not be descriptive or gender recognizable. Someone seeing these names
should not be able to tell your age, sex, or interests.
7. Do not save your passwords on your computer, a web site, or even
written down (sticky notes attached to your screen). Several programs
and web sites offer to “save” your password so you don’t have to retype
it the next time. Always take the choice that DOES NOT save your
password. Do not choose passwords which are variations of commonly known
things, such as your name, date of birth, home address, etc. Typically,
your password should be derived from something only you would know and
should be a minimum of five characters and should be a combination of
numbers and letters. Some systems will even differentiate between upper
and lower case letters.
8. Change your password frequently.
9. “Log Off” your computer when you are not using it. This is especially
important if you are on a network. Not only could someone get into your
computer, but they would also have access to the network’s file server.
If you have “Microsoft File and Print Sharing” enabled on your computer,
remove it if it is not being used, otherwise, turn your computer off
when it is not being used.
10. Record Make, Model, and Serial Numbers from your computer and any
other computer peripherals. If this is done on an inventory program on
the computer, make sure you have a printed copy of it. If your computer
is stolen, this information can possible be used to find it.
11. If you have a Broadband Cable connection or DSL connection to the
Internet, you have a Ethernet Adapter installed in your computer. These
adapters have a unique number assigned to them called a “Physical
Address” or “Adapter Address”. It will be 12 characters long and usually
contains hyphens (01-02-03-AB-CD-EF). It can be viewed on Windows 98
(maybe Windows ME also) and earlier operating system by typing
“winipcfg” in the “Run” box from the Start button. Make sure you choose
the adapter that IS NOT identified as the “PPP Adapter”. On Windows XP,
Windows 2000, and Windows NT you will have to go to the “Command Prompt”
and type “ipconfig /all” to see it. If your computer is stolen, this
information can possible be used to find it.
The following Advanced Precautions are for those computer that are
connected to the Internet. The most vulnerable computers are those which
have a “always on” connection through a cable modem, DSL connection, or
T1 telephone line, but any connection to the Internet makes your
computer accessible to others.
Before you invest in any of these Advanced Precautions, you will have to
ask yourself “Do I have or do anything on my computer that I do not want
others to know about or see?
Advanced Precautions;
1. If there is only one computer connected to the Internet, have at
least some sort of “firewall”. There are inexpensive (under $100)
software “firewalls” available from Norton and McAfee to mention a
couple. Remember to keep these up to date with “bug fixes”, threat
definitions, and updates. Some of the new operating systems (Windows XP,
Windows 2000) have these incorporated. If there is more than one
computer connected to the Internet and/or you have a network set up,
consider installing a “Gateway” along with the “firewall”. Without
getting into a detailed explanation of what these devices are
(definition and functions can be found on the Internet), a Gateway only
“shows” the gateway itself to the Internet, not the computers attached
to it. A Firewall “blocks” certain access to your computer.
2. If you are using a “wireless” connection to the Internet either
through an “Access Point” or “Wireless Router”, make sure you take the
extra time to “encrypt” the data transmissions (instruction on how to do
this are included with the unit). When purchasing one of these devices,
choose one that has at least 128 bit encryption. Without encryption,
anyone within 300 feet (usual distance) will not only be able to use
your Internet connection, but be able to “hack” into your computer.
3. If you suspect someone else is connected to your computer, go to the
“Command Prompt” (or MS-DOS Prompt) and type “netstat”. This will list
all the current connections to your computer. A suspicious address may
not be shown simply because they would not be connected at the time you
run “netstat”. If there are several connections listed, type “netstat >testip.txt”
and this information will be saved to a file named testip.txt which can
be printed out using either Notepad or Wordpad. Print it out and date
and time the printout for future use if needed. |
|
|
|
|
|
|
