pc security
While you are on-line how secure is your computer? This
page covers the following topics:
If you ignore these simple precautions you could be putting
your computer, and therefore your personal data, at risk of being accessed
or tampered with.
Remember, however, the only way to make your PC 100%
secure is to unplug it from the internet altogether!
This page contains information and links to websites that
I have found useful in understanding how to be more secure on-line.
windows network settings
[I have based this article on the information found at
Steve Gibson's excellent Shields
Up! website.
For a more detailed explanation I strongly recommend
that you read Steve's tutorial.]
The one thing that caused me most concern, when I began
to investigate computer security, was that the default network settings
in Windows are not secure.
Default Settings
When you install Windows onto a new machine you want to
be able to get it up and running with the least amount of fuss. (All that
tweaking nonsense is for Linux users, right?)
If you have a modem you want the system to recognise it
and to allow you to connect to the internet.
If you have a LAN card and are connected to a Local Area
Network (LAN) you want to be able to communicate with other users, browse
their folders, etc. as soon as possible.
So Microsoft designed Windows to do just that: you get connectivity
straight out of the box. But at a price: security.
Sure Windows is easy to install, and easy to use, but it
is also easy to hack into (if you know how!). As easy as it is for your
computer to access the internet, it is as easy for the internet to access
your computer!
Network Settings
The first step towards greater computer security is to
review your network settings.
But I'm not on a network, you might argue. Okay, you might
not be connected to a LAN, but if you connect to the internet via a modem,
or DSL/cable then you are connected to the world's largest network, the
internet.
You may also be surprised to learn that Windows has by default
installed some of its own Local Area Networking technologies, such as
NetBIOS/NetBEUI, Network Neighborhood, File and Printer Sharing, and Client
for Microsoft Networks.
These technologies are not needed AT ALL for connecting
to the internet.
These are installed for those few users who want to connect
to their LAN as quickly, and without as much fuss, as possible.
These technologies were designed to allow users in the same
LAN workgroup (members of the same office, or family members) to share
files and printers across their network. They were never meant to go worldwide.
They are LOCAL area network protocols.
You certainly don't want to allow them to communicate with
your internet connection.
But by default they do!
A Bind
Remember I said that Microsoft wants Windows to run as quickly
as possible 'out of the box'. One way they do this is to 'bind' all the
networking technologies to one another.
'Binding' simply means that different layers of network
components are allowed to communicate with one another.
There are three networking layers within Windows:
- Network Services (Microsoft Networking)
  - Client for MS Networks
  - File and Printer Sharing (bind ONLY to NetBEUI)
  - Microsoft Family Logon
- Network Transport Protocol
  - TCP/IP (used for Internet connections)
  - NetBEUI (used to share files and printers)
  - IPX/SPX (used for Games across a LAN)
- Network Hardware
  - Dial-Up Adapter (Modem)
  - Cable/DSL Interface
  - Local Network Interface (LAN Card)
By default, each component within a layer is bound to each
component on the next layer. This means that File and Printer Sharing,
for example, is bound to the TCP/IP protocol, which in turn is bound to
your Modem. The result is that anyone can access your printer and files
via a TCP/IP connection!
Worrying, huh!
Optimised Settings
For an optimized and more secure setup simply unbind all
components that are unnecessary, and only bind those components that you
actually need.
For users with a modem, and no LAN, all you need
is for TCP/IP to be bound to your Dial-Up Adapter (Modem).
For users with a modem and a LAN: if you want to
share files and printers then do this over NetBEUI (bind File and Printer
Sharing to NetBEUI, and NetBEUI to your LAN card). This leaves it unconnected
to your TCP/IP-Modem binding. If you must run TCP/IP across your LAN
just make sure that TCP/IP is not bound to File and Printer Sharing.
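The binding check described in this section, as an added example (not part of the original page or of Shields Up!): a simplified Python model of the three layers that lists every chain from a LAN-only service through TCP/IP to an Internet-facing adapter. The set names and the sample machine are constructed for illustration; the component names are the ones listed above.

```python
from itertools import product

# Simplified model (an assumption of this example): bindings exist only between
# adjacent layers, exactly as the three-layer list above describes them.
INTERNET_ADAPTERS = {"Dial-Up Adapter", "Cable/DSL Interface"}
ROUTABLE_PROTOCOLS = {"TCP/IP"}  # the protocol used for Internet connections
LAN_ONLY_SERVICES = {"Client for MS Networks", "File and Printer Sharing"}


def default_bindings(services, protocols, adapters):
    """Out-of-the-box state: every component bound to every component in the next layer."""
    return set(product(services, protocols)), set(product(protocols, adapters))


def exposed_chains(service_bindings, protocol_bindings):
    """Return sorted (service, protocol, adapter) chains that reach the Internet."""
    chains = []
    for service, protocol in service_bindings:
        if service not in LAN_ONLY_SERVICES or protocol not in ROUTABLE_PROTOCOLS:
            continue
        for bound_protocol, adapter in protocol_bindings:
            if bound_protocol == protocol and adapter in INTERNET_ADAPTERS:
                chains.append((service, protocol, adapter))
    return sorted(chains)


# Constructed sample machine: a modem plus a LAN card.
SERVICES = ["Client for MS Networks", "File and Printer Sharing", "Microsoft Family Logon"]
PROTOCOLS = ["TCP/IP", "NetBEUI"]
ADAPTERS = ["Dial-Up Adapter", "LAN Card"]

DEFAULT = default_bindings(SERVICES, PROTOCOLS, ADAPTERS)
# Half-finished clean-up: only File and Printer Sharing was unbound from TCP/IP.
PARTIAL = (DEFAULT[0] - {("File and Printer Sharing", "TCP/IP")}, DEFAULT[1])
# The optimised modem-and-LAN layout from the text: sharing rides on NetBEUI only.
OPTIMISED = (
    {("File and Printer Sharing", "NetBEUI")},
    {("NetBEUI", "LAN Card"), ("TCP/IP", "Dial-Up Adapter")},
)
# Variant where TCP/IP also runs across the LAN, with no service bound to it.
OPTIMISED_TCP_LAN = (OPTIMISED[0], OPTIMISED[1] | {("TCP/IP", "LAN Card")})

CONFIGS = {"default": DEFAULT, "partial": PARTIAL,
           "optimised": OPTIMISED, "optimised + TCP/IP on LAN": OPTIMISED_TCP_LAN}

if __name__ == "__main__":
    for label, config in CONFIGS.items():
        chains = exposed_chains(*config)
        print(f"{label}: {len(chains)} exposed chain(s)")
        for chain in chains:
            print("   " + " -> ".join(chain))
```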
For a more detailed explanation and for more information
check out...
Shields Up!

To understand this further, and to find out how to bind
only the components you need, read Steve Gibson's excellent Shields
Up! website.
Shields Up! will also test to see how secure your computer
is while on-line. This test can take a few minutes, but is well worth
it.
optimize modem settings
When Windows 95 was originally released modems were cruising
along at a pacy 28,800 bps. However, when you install Windows 95 or 98
it installs by default with the settings for a 14,400 bps modem!
Not the best news for someone with a spanking new v.92 56Kb
modem. However, it doesn't take much to correct these settings to get
the most out of your 56Kb connection.
Optimizing.net
Mr. Echevarria, who incidentally has been continuously online
since September 1997, has written a wonderful website called Optimizing.net
which will explain to you how to do this. It contains separate sections
for the various Windows operating systems (95, 98, Me, NT, 2000, XP) as
well as for optimizing your Ethernet LAN card.
anti-virus software
If you do not already own, use and update an anti-virus software
suite then you SHALL get a virus infection sooner or later. If you own
one, but do not update it regularly, then you SHALL get a virus infection
sooner or later.
Are you at risk?
If you own a computer running the Windows® Operating
System (Windows 95, 98, Millennium, 2000, NT or XP) and you connect to
the internet to access web-pages or e-mail then your computer could be
at risk of attack by viruses and so-called ‘hackers’. In this short article
Gareth Saunders explains what you can do to protect your computer from
attack.
If you use an Apple Macintosh computer don’t think you are
immune from computer viruses - there are still between 40 and 100 viruses
that can target your beloved Mac. However, you are at much less risk
than PC users, who can be the victim of one of the 62,237 viruses out there
(and that number went up by 24 since last week).

To search the list of current viruses, worms and trojans
visit the Symantec Anti-Virus Center website
www.symantec.com/avcenter/
This is the website I consult when I want information about
particular viruses, and to download specific tools to remove them.
Virus, Trojan, or Worm
A computer Virus is a program designed to spread
itself by first infecting files on your computer and then making copies
of itself. Viruses usually operate without the knowledge or wish of the
computer user. Most viruses are comparatively harmless, and may be present
for years with no noticeable effect. Some, however, may cause random (or
calculated) damage to your files.
A Trojan Horse is a program intended to perform some
covert and usually malicious act which the victim did not expect or want.
It differs from a destructive virus in that it doesn't reproduce, (though
this distinction is by no means universally accepted).
A Worm is a program which spreads (usually) over
network connections, such as the Internet. Unlike a virus, it does not
attach itself to a host program.
Am I at risk?
If you simply use your computer as a stand-alone machine,
you have no access to the internet and you do
not swap floppy disks or CD-ROMs with anyone then the answer is that you
are probably not at risk.
If you are connected to the internet — to check e-mail and
browse webpages — or you do exchange disks with people then you most certainly
are at risk. You may have heard of recent worms which have hit the news
headlines, such as the BugBear virus or Nimda.A worm — these were all
spread across the world in a matter of hours by e-mail!
Anti-Virus
The best way to prevent your computer from being infected
by a virus is to install anti-virus software from a well-known, reputable
company (see right), and UPDATE it regularly — you can do this on the
internet.
... and update it REGULARLY
New viruses come out every single day; an anti-virus program
that hasn't been updated for several months will not provide much protection
against current viruses.
I always download the intelligent update from Symantec,
every couple of days.
Auto-Protect
In addition to scanning your entire system for viruses on
a regular basis (e.g. once a week), make sure you choose an anti-virus
product which offers an 'on access' or 'auto-protect' scanner. This will
start automatically each time you switch on your computer and check for
viruses each time you use a file the computer can 'run'.
Scan ALL attachments
Virus scan any new programs or other files that may contain
executable code (including MS Word documents which can contain 'macros')
before you run or open them, no matter where they come from.
If you get an attachment from someone that you did not expect:
scan it — good anti-virus software should automatically scan all incoming
and outgoing e-mail anyway. If you are still in any doubt delete it. If
it was genuine and important the sender can always re-send it.
Backup
Do regular backups. Some viruses and Trojan horse programs
will erase or corrupt files on your hard drive, and a recent backup may
be the only way to recover your data.
Recommended Software
Norton AntiVirus
www.symantec.com
The world’s favourite a-v solution, and for a reason. Easy to install,
good ‘out of the box’ options to protect. Scans all e-mail (in &
out), Auto-protect option. Auto-update features.
Price: £39.99
McAfee VirusScan
www.mcafee.com
Another very popular product. Includes an integrated firewall,
integrates itself with Microsoft Office products.
Price: £39.99
Kaspersky Lite
www.kaspersky.com
A free version to download offering basic protection against viruses
— but no e-mail scanning, or other advanced features.
Price: FREE (+ download!)
More...
Check out the list and reviews on the FirewallGuide.com
website
virus hoaxes
Not only do viruses, worms and trojans pose a threat to
your computer but you do too, if you are not careful!
Hoax
There are a great number of e-mails in circulation that
warn you about viruses that do not exist, or that instruct you to delete
a particular file (e.g. JDBGMGR.EXE) from your system because it is a
virus that no current anti-virus software will detect or remove.
Symantec Security Response uncovers hoaxes on a regular
basis. These hoaxes usually arrive in the form of an email. Please disregard
the hoax emails - they contain bogus warnings usually intent only on
frightening or misleading users. The best course of action is to merely
delete these hoax emails. Please refer to this
page whenever you receive what appears to be a bogus message regarding
a new virus, or promotion that sounds too good to be true.
What to do
I treat all e-mail warnings about potential new viruses
with a great deal of caution.
I never follow the instructions straight away, especially
instructions to delete files.
My first port of call is ALWAYS to check the Symantec website
for the virus. If it is genuine then I will scan my PC for the virus,
having updated Norton Anti-Virus first, and let it deal with anything
found.
It is worth noting that so far, having kept my anti-virus
software up-to-date, and enabling attachment scanning for all in-coming
e-mail I have not yet been infected.
Norton Anti-Virus 2002 automatically quarantines any suspicious
attachments.
SEARCH SYMANTEC
You can search the site for the virus (either by name or by entering one
of the key phrases) on the Symantec website:
www.symantec.com/search/
AV CENTER and HOAX CENTER
Symantec has sections dedicated to both genuine viruses and hoaxes.
www.symantec.com/avcenter/
www.symantec.com/avcenter/hoax.html
software firewalls
Open Windows
As you have seen above, if your network
settings are not secure you could be broadcasting your NetBIOS name to
the on-line world, inviting 'hackers' in to mess about with your files.
Revising your network settings will help solve the problem
and make your PC much more secure. However, that is only half the story.
These settings alone will not prevent all unauthorized access. To make
your system much more secure you require a firewall.
Firewall
A firewall is a piece of software that monitors your internet
connection. (In big companies they use a separate PC, or rack-system,
as well as special software.)
A firewall checks what is going in (Access) and what is
being sent out (Server). The firewall allows you control of what programs
may or may not access the internet. If someone tries to access your computer
('hack in') and you have not given them permission then the firewall simply
rejects their attempt. It is a bit like an internet bouncer at the door
of your PC!
With a firewall installed your computer
— and therefore, your personal data as well — is greatly protected.
There are a number of very good firewalls on the market, and some of them
are free including the award winning ZoneAlarm
3, which is the firewall I currently use.
Recommended Software
ZoneAlarm
www.zonelabs.com
A very good, easy to use solid firewall.
Price: Free for personal use. There is also a Pro version available.
Norton Internet Security
www.symantec.com
Norton Internet Security is an integrated internet security suite. It
is solid and IS 2002 won a PCPlus magazine Value Award.
Price: £46
Agnitum Outpost
www.agnitum.com
A rock solid newcomer to internet security, and free for personal use.
What more could you ask for?
Price: Free for personal use
More...
Check out the list and reviews on the FirewallGuide.com
website.
encryption & privacy
So, now that your PC is more secure to the outside world
how secure is your data, either from outside or from someone noseying
around your system?
Encryption
There are various ways to keep your data secure, but one
of the most efficient ways is to encrypt it.
You could choose to only encrypt certain files or folders,
or your entire system. It is up to you. Some encryption tools are designed
to allow you to send e-mail in an encrypted form, so that only the person
the message is intended for can unencrypt it and read it.
Basics of Cryptology
To find out more about encryption read the PGP website introductory
page on cryptology:
www.pgpi.org/doc/pgpintro/
Recommended Software
Here are some of the encryption packages that I have used.
There are plenty of other packages available.
PGP
www.pgpi.org
Pretty Good Privacy (PGP) is a freeware package that integrates
with Outlook and Outlook Express and allows you to encrypt and unencrypt
e-mail messages.
It requires you to create two keys: one private and one
public. Here is my public key (which I don't use terribly often, since
none of my friends use it either... bah!)
PGP 7.03 Public Key
for Gareth J M Saunders (2 Kb Zip)
Encryption Plus Folders
www.pcguardian.com/
(NO LONGER AVAILABLE ON THIS WEBSITE. See below for details.)
Encryption Plus Folders Freeware is a powerful utility
that protects the contents of a single folder on your computer.
Encryption Plus Folders Freeware uses the well-known and
documented Blowfish algorithm and a 64-bit encryption key.
Just enter a password and select a folder to apply secure
file encryption to its contents. Each time Windows loads, Encryption
Plus Folders Freeware prompts you for its password. When the proper
password is supplied, it takes up residence in your system tray and
grants access to the contents of the folder. If the program is shut
down or the proper password isn't given, the contents of the folder
remain encrypted.
An added feature lets you easily lock and hide your desktop
when you step away from your PC. No manual required. Windows 95/98/ME
and Windows NT/2000 compatible.
PC Guardian no longer support Encryption Plus Folders
Freeware, however you can still download it from
www.webmasterfree.com/software/1243.html
Ashampoo Security Manager
www.ashampoo.com
I use Ashampoo Security Manager 99, which I acquired on
the PCPlus March 2002 cover CD-ROM.
The latest version (at the time of writing) is called Encryption Power
2002.
SecurityManager 99 is a powerful application for encrypting
individual files and the contents of entire folders using the DES method
(Data Encryption Standard).
SecurityManager 99 is very secure: When data is encrypted
the original files are automatically overwritten, making it impossible
to restore their contents with file utilities.
SecurityManager 99 is also extremely fast. Programmed
entirely in 32-bit code and utilizing special processor instructions
that have been available since the 80486 generation it achieves performance
comparable to that of hardware encryption systems.