|
|
|
|
|
|
Security tips Part 1
Protect your PC, screen name and more from abuse.
Anti-virus software, AOL, e-mail, firewallsNew fun to use features and increased functionality of your PC leave it vulnerable to attack. Unfortunately these new features, even those rarely used, come pre-installed on your PC with those security holes left on by default. For example you might have a feature called "file sharing" on your PC that could allow even an amature hacker to browse your files remotely. These tips below are not the final word on locking down your PC but it is a good start, more will be added in the future.
| Page Contents: | Related Help Pages: | |
|
Why do I need this information on Website/Internet security?
You lock the doors to your house and car don't you? We may live in a so called civilized society but we still share one thing with the animals, there are prey and there are predators. You work in the public eye and there is always some joker with way too much time on his hands.
Anti-Virus software
If you're online you need this, it's that simple. While a case against anit-virus software could have been made years ago, the abuse problem has grown so much that this step is a must.
There are a slew of good programs, go out and buy a major brand name, ask your friends what they are using or email here for a recommendation.
You normally will get one year of online updates for free. Updating is easy, you connect to the Net and run the update, new "profiles" are downloaded and installed automatically with one or two confirmation clicks. Beyond that first year updates range from $3 to $10 on average for each additional year. You renew with a credit card online, fast and easy.
The update screen for Norton looks like this, they let you know what is available and give you the option to deselect unwanted items.
Note: The program will remind you every two weeks to update your software. The reminder screen shows up when you boot up your PC. Leave the screen on your desktop, connect to the net as you normally would then go back and run the update or close the screen to run the update the next day. Updates may require a reboot. You can hold that off for a moment if you're in a hurry to check your email but you must run their reboot, don't just shut down or you may find that your update didn't properly take.You can configure your software to run in the background so that when email comes in or is opened the software is on alert. You will get a warning screen if something is suspect with options for deleting, quarantine, etc.
Firewall software
Just like Anti-virus software ... If you're online you need this, it's that simple. While a case against firewall software could be made years ago the abuse problem has grown so much this step is a must. If you have a cable modem or DSL you are an easy target. How so? you may ask. First, the person that will target you for abuse will send you an innocuous email from an anonymous account from one of the common web based email services hoping for a reply. When you do reply your ISP# (Internet Service Provider Number) goes with it buried in the header of your email. For cable modems and DSL your IP# is like your unlisted phone number. The abuser will use that IP# to attempt to hack (connect) into your PC. The firewall program will, hopefully, intercept such an attack and give you a warning. You many get some false alerts from your own ISP "pinging" you to see if your still connected to your service. It's been my experience in helping people set this up that false alarms are rare and tend to wind down after a while. (Note: even dial up accounts use IP#s but those numbers are random, you get a new number with each log on - still it poses a risk, and a vulnerability to a determined hacker)
Go get and download Zone Alarm firewall software. The installation and set up is easy and straightforward. Best of all it's free. Turn off the file sharing feature on your Windows PC.
Windows XP users - Check to see if your included firewarll is on by going to the Control Panel and double-clicking the Network Connections icon. In the dialogue that appears, check the Status column. If it's on it will say "Firewalled." Leave it on unless you're planning to add a third-party's wall.
Properly configured your firewall will stop programs on your own PC from accessing the Net. You will be prompted each time a resident program attempts to do this. You click yes to allow and check off a box to make it permanent. Common programs, email and ISP, can be set to automatic permission. Programs that rarely access the Net like MS Word should be set to warn at each attempt. The advantage of this is that certain worm virii will have their own email engine that bypasses your regular email program. When this happens your firewall will pick it up and alert you that some program is trying to access the Net. If you aren't specifically opening a known program to use a feature on the Net then you will know you have a problem.
E-mail, general tips
Attachments
For heaven's sake don't download attachments from people you don't know and even if you do know them confirm it. The top way to get a virus is via an attachment from someone you know and trust. They get it and are unaware of the problem, meanwhile the virus goes to work scarfing up addresses and sending itself out again.Third Party e-mail, Outlook / Eudora, etc.
On these programs you can set the size of an attachment that will be allowed to come down the pipe. While a virus can come in some pretty small files most of them are much larger than your average email. Set your allowable email limit to somewhere between 100K - 200K. This will leave most virii on the server end. You can take a look at the suspect email and click a button to delete the remainder from the server. This comes in handy when you get bombed by certain virus attacks. The SIrcam Worm Virus, for example, will infest a PC and send itself out over and over again. You might get as many as several hundred emails containing this virus in a single day. Limiting your email size stops this from happening, the email will come down but only the first small part of it thus allowing you get back to using your email instead of waiting for an hour.See also anti-virus software.
See also firewall software.AOL
Screen Name
AOL allows for multiple screen names but a common mistake for the radio person is to create an account with AOL using their own name, or a derivative, as the "Master Screen Name" and further compounding it by using that screen name publicly. Nearly every single radio host will be a target of some form of harassment, often directed against their screen name. Once that particular account is hacked the abuser will likely destroy it. The "Master Screen Name" allows full administration to your AOL account so your best bet is to create an account with AOL using a meaningless handle. THEN, create an account for public use ... limit the "permissions" for THAT new public account. Have a different password for your public screen name. Now if your public screen name is hacked they can't get control of your overall account. If you have already created an account with AOL and are concerned about the above then contact AOL, explain your position and request that they modify your account.You should further protect your AOL account with the following steps ...
e-mail and attachments (repeated under general email tips below)
Set your preferences so attached files do not download automatically. For heaven's sake don't download attachments from people you don't know and even if you do know them confirm it. The top way to get a virus is via an attachment from someone you know and trust. They get it and are unaware of the problem, meanwhile the virus goes to work scarfing up addresses and sending itself out again. See also anti-virus software.Buddy List and chat
If your addicted to your buddy list then take the time to find out how to modify the security features. You can set it to allow only listed people to be able to contact you. In December 2001 it was found that the latest version of AOL had a security hole in its Instant Messenger service big enough to drive a truck through. Even in previous versions of AOL you will be bothered by annoying and anonymous pop up messages that appear to be innocent chat requests. Keeping your Buddy List and Chat unrestricted will compromise your account in other ways that for security reasons I can't go into here.
PHP based websites
PHP is a web authoring tool and a really nifty way of constructing websites. Simply explained it is a database driven website. This makes it easy to update complicated muli-page and multi-component websites. It also allows for multi user remote interactivity (editing and authoring). On the downside there is a common bug that leaves a security hole in the remote administration area. It is suggested that if you decide to use PHP that you read up on this flaw or direct your webmaster to do so. For security reasons I can't list the flaw or how to detect it here. PHP based websites without remote editing/authoring are as secure as any website.
Original material copyright © PhillyTalk.com - All rights reserved.
