Log in | Back to darenet.org

Internet Security

(I've heard some security problems are caused by "user error." How do I avoid this?: correct spelling)
Line 57: Line 57:
Nothing provides an absolute guarantee, but with programs to detect and eliminate intrusions in place, and diligent use of the tools available, you should be able to keep your computer and its files as safe as you possibly can.
Nothing provides an absolute guarantee, but with programs to detect and eliminate intrusions in place, and diligent use of the tools available, you should be able to keep your computer and its files as safe as you possibly can.
-
[[Category:Documentation]]
+
[[Category:Documentation]] [[Category:Exploits Prevention]]

Revision as of 12:48, 27 October 2007

In This Guide:

Why do I need to worry about Internet Security?

Your computer is subject to attacks from a variety of external sources. There are two main reasons why someone would want to harm your computer. One is to gain information from it, such as personal credit information (i.e. credit card or social security numbers) or other sensitive information you may have stored there. Another is to use your computer resources for their own benefit over the Internet. Your internal resources, such as hard drive space can be used for their own purposes.

What are the most common methods of intrusion?

Your computer can be attacked from any area of weakness. This includes viruses (including worms, trojan horses and email attachments containing viruses), Spyware, and spam. Each different type of intrusion requires different methods of treatment. What are Viruses and Worms?

A virus is a program or code that is loaded onto your computer without your permission or knowledge. A worm is a type of virus that replicates itself, but does not attach itself to other programs. At best, a virus will use up all your memory resources, leaving your computer without enough available space to run programs. At worst it destroys data or alters operating system files on your computer, and can make it inoperable. Anti-Virus programs scan your computer looking for infected files. The vendors constantly update these programs with virus signatures as new viruses become known. If you keep your anti-virus program up to date, it will isolate the virus and give you several options for removing it from your machine. Each time you open a floppy disk, an email, especially those with attachments, or download a file your antivirus software can automatically use to scan for viruses. I often receive email attachments. Why are those dangerous?

Viruses and worms can reside within the body of an email or an attachment. The best protection from an email virus is to only open those that are from someone known to you. Viruses can appear to be sent from the email account of someone you know. If you receive an unexpected attachment do not open it unless you can confirm that the person meant to send it to you. If you receive an email from a known source with an odd subject line, don't open it until you have scanned the email and the attachment for viruses. Many Internet-based email providers either scan automatically or allow you to scan attachments for viruses.

What is Spyware is and how I can protect my computer from it?

Also called adware (not to be confused with the product Ad-aware), Spyware is software that is loaded onto your computer without your knowledge to gather information about you through your Internet connection. These applications are often bundled in free software that a user may install on a computer. It can gather information on sites you visit on the Internet, or more personal data such as email accounts, passwords, and credit card numbers. Spyware and some viruses can also read keystrokes, scan your files, including word processing programs, chat, and send information back to an external location. This also takes up resources on your computer. Spyware can be removed through use of a program designed to find and remove those programs from your computer. Ad-aware, a freeware Spyware removal utility, is available through Lavasoft.

What is "spam" and how can I avoid it?

Spam is unsolicited, unwelcome email sent to your email account from someone you don't know. In addition to being an annoyance, spam may contain viruses or attachments (mentioned above) and it also eats up bandwidth on the Internet. It's nearly impossible to protect your email address from spam if you reveal your address on the Internet. It's best to have one address for personal mail that you reveal only to relatives and friends, and another "junk mail" account that you can reveal generally. A level of protection against spam can be realized with an email spam filter, often provided by an email provider. In addition, don't click on a link offering to remove you from a list because that tells the spammer your address is good, and could result in even more spam mail. Also never open an email from an unrecognized sender.

What are the best ways to protect my computer system from various methods of intrusion?

There are many methods of doing this. Some involve programs that you install on your computer's hard drive. Other prevention methods are actions you must take on a regular basis to maintain the integrity of your computer. This includes use of a firewall, plugging holes in your operating system, password protection, backing up your computer files, and precautions taken when installing programs on your computer.

What is a Firewall? Do I need one?

A firewall is a program that is designed to prevent hackers from unauthorized access of your computer. It screens all information coming in and going out from your computer over the Internet. It controls which packets of information are allowed to pass through your computer. You can set the level of security under which you want the firewall to operate. At one extreme, a firewall can be set such that nothing is allowed in or out of your computer without your permission. Use of a firewall is recommended, especially if you use a broadband Internet connection with a fixed IP address. Zone Labs offers a freeware version of its software firewall. Already have a firewall? Test to see how well it's working with Shields Up.

How can I correct weaknesses in my Operating System?

Keep your operating system up to date. Occasionally a hole in the operating system becomes apparent that may expose a weakness in your system that makes you vulnerable to attack. Be aware of patches offered by the manufacturer and install them when available. For Windows, click on the Windows update link on your Start menu.

Are my Passwords vulnerable to attack?

Yes, the best password protection you can give yourself is to keep your passwords private and make them unique to their purpose. Use a different and distinct password for each different application. The best passwords contain alpha and numeric characters and include nonsense syllables rather than real words. Even then, passwords can sometimes be captured and saved by someone to access your personal information, so it's best to change them often.

How often should I back up my computer files? What is the best method to use?

You should back up every important file each time you make a change to that file. Store them in a safe place. For your very critical data, it's best to use more than one storage media to ensure they will be available to you in a usable form should you need to access them. For example, you can alternate between two floppies or two CD-RWs each time you back up a critical file.

Can I run into any problems when installing programs?

Yes, only use programs from a reliable and known source. Understand what the program does and how it will interact with your other programs before installing it. To be extra safe, you can obtain backup software and back up your hard drive before installing a new program in case there are unforeseen complications. You should also use the system configuration backup function in Windows XP and ME before installing new software.

I've heard some security problems are caused by "user error." How do I avoid this?

"User errors" are problems you cause yourself by not being diligent about maintaining activities that resolve intrusion problems. There are two ways to avoid this:

  • Use Your Security Features: The security programs you install on your computer to protect it from attack must be updated on a consistent basis. Scan your computer regularly for viruses and keep updates current. Be aware of patches available for your software and install them. The security features available on your computer will only work if you remember to use them.
  • Maintain Privacy: Protect your personal information. Home addresses and phone numbers, social security numbers and financial information, including credit card numbers should never be given out to unknown web sites. Only give them out when the connection is encrypted as indicated by the padlock icon on the bottom of your Internet browser window. Don't conduct financial or private transactions on a public computer, including purchases or accessing financial accounts. Don't select the option that stores your user name and password on your web browser. When you are not using the computer, log off your online session and turn off the computer. If you do need to use a PIN number online, choose one that is unique for each application. Do not store the PIN number on your computer or give it to anyone. When choosing a PIN, avoid use of a common number or word(s) that could easily be determined by someone with access to your personal data, such as birth dates or telephone numbers.

Is there any way to be positive that my computer is safe from intrusions?

Nothing provides an absolute guarantee, but with programs to detect and eliminate intrusions in place, and diligent use of the tools available, you should be able to keep your computer and its files as safe as you possibly can.