±Recent Visitors

Recent Visitors to Com-Central!

±User Info-big


Welcome Anonymous

Nickname
Password

Membership:
Latest: cgsimpson
New Today: 0
New Yesterday: 0
Overall: 6645

People Online:
Members: 0
Visitors: 648
Total: 648
Who Is Where:
 Visitors:
01: Community Forums
02: Community Forums
03: Photo Gallery
04: Community Forums
05: Home
06: Community Forums
07: Photo Gallery
08: Community Forums
09: Community Forums
10: Community Forums
11: Community Forums
12: Community Forums
13: Home
14: Community Forums
15: Photo Gallery
16: Home
17: Photo Gallery
18: Home
19: Community Forums
20: Community Forums
21: Home
22: News Archive
23: Community Forums
24: Community Forums
25: Community Forums
26: Photo Gallery
27: Community Forums
28: Community Forums
29: Community Forums
30: Home
31: Home
32: Community Forums
33: Community Forums
34: News Archive
35: Photo Gallery
36: Community Forums
37: Downloads
38: Community Forums
39: Community Forums
40: Photo Gallery
41: Community Forums
42: Community Forums
43: Community Forums
44: Community Forums
45: Community Forums
46: News
47: Community Forums
48: Photo Gallery
49: Community Forums
50: Community Forums
51: Community Forums
52: Downloads
53: Photo Gallery
54: Photo Gallery
55: Community Forums
56: Home
57: Photo Gallery
58: Community Forums
59: Community Forums
60: Home
61: Community Forums
62: Community Forums
63: Community Forums
64: Photo Gallery
65: Community Forums
66: CPGlang
67: Community Forums
68: Photo Gallery
69: Community Forums
70: Community Forums
71: Community Forums
72: Community Forums
73: Community Forums
74: Community Forums
75: Downloads
76: Community Forums
77: Community Forums
78: Home
79: Community Forums
80: Community Forums
81: Photo Gallery
82: Community Forums
83: Community Forums
84: Community Forums
85: Community Forums
86: Community Forums
87: Community Forums
88: Photo Gallery
89: Community Forums
90: Home
91: Community Forums
92: Community Forums
93: Community Forums
94: Downloads
95: Community Forums
96: Downloads
97: Statistics
98: Community Forums
99: Statistics
100: Community Forums
101: News Archive
102: Your Account
103: Community Forums
104: Community Forums
105: Community Forums
106: Home
107: Photo Gallery
108: Community Forums
109: Home
110: Home
111: Community Forums
112: Community Forums
113: Home
114: Community Forums
115: Photo Gallery
116: Home
117: Community Forums
118: Home
119: Community Forums
120: Downloads
121: Photo Gallery
122: Photo Gallery
123: News
124: Community Forums
125: Downloads
126: Community Forums
127: Community Forums
128: Community Forums
129: Downloads
130: Photo Gallery
131: Community Forums
132: Community Forums
133: Community Forums
134: Community Forums
135: Your Account
136: Community Forums
137: Home
138: Home
139: Photo Gallery
140: Community Forums
141: Community Forums
142: Community Forums
143: Community Forums
144: Photo Gallery
145: Community Forums
146: Community Forums
147: Community Forums
148: Community Forums
149: Community Forums
150: Statistics
151: Community Forums
152: Home
153: Community Forums
154: Photo Gallery
155: Photo Gallery
156: Photo Gallery
157: Community Forums
158: Community Forums
159: Community Forums
160: Photo Gallery
161: CPGlang
162: Community Forums
163: Community Forums
164: News
165: Community Forums
166: Community Forums
167: Community Forums
168: Community Forums
169: Photo Gallery
170: Your Account
171: Community Forums
172: Community Forums
173: Photo Gallery
174: Photo Gallery
175: Community Forums
176: Community Forums
177: Photo Gallery
178: Community Forums
179: Photo Gallery
180: Community Forums
181: Community Forums
182: Home
183: Downloads
184: Community Forums
185: Community Forums
186: Photo Gallery
187: Community Forums
188: Community Forums
189: Community Forums
190: Home
191: Downloads
192: Downloads
193: Community Forums
194: Downloads
195: News Archive
196: Downloads
197: Photo Gallery
198: Community Forums
199: Community Forums
200: Community Forums
201: Community Forums
202: Community Forums
203: Community Forums
204: Community Forums
205: Downloads
206: Community Forums
207: Community Forums
208: Community Forums
209: Community Forums
210: Downloads
211: Community Forums
212: Community Forums
213: Photo Gallery
214: Community Forums
215: Community Forums
216: Home
217: Community Forums
218: Community Forums
219: Community Forums
220: Photo Gallery
221: Your Account
222: Photo Gallery
223: Photo Gallery
224: Photo Gallery
225: Members List
226: Community Forums
227: Community Forums
228: Community Forums
229: Community Forums
230: Photo Gallery
231: Community Forums
232: Photo Gallery
233: Community Forums
234: Home
235: Community Forums
236: Community Forums
237: Community Forums
238: Community Forums
239: Photo Gallery
240: Community Forums
241: Downloads
242: Community Forums
243: Home
244: Community Forums
245: Community Forums
246: Community Forums
247: Photo Gallery
248: Community Forums
249: Community Forums
250: Community Forums
251: Downloads
252: Community Forums
253: Community Forums
254: Home
255: Community Forums
256: Downloads
257: Community Forums
258: Community Forums
259: Community Forums
260: Community Forums
261: Downloads
262: News
263: Community Forums
264: Community Forums
265: Community Forums
266: Community Forums
267: Community Forums
268: Community Forums
269: Community Forums
270: Your Account
271: Community Forums
272: News Archive
273: Community Forums
274: Community Forums
275: Community Forums
276: Community Forums
277: Community Forums
278: Community Forums
279: Member Screenshots
280: Community Forums
281: Community Forums
282: Community Forums
283: Community Forums
284: Community Forums
285: Community Forums
286: Community Forums
287: CPGlang
288: Home
289: Community Forums
290: Community Forums
291: Community Forums
292: Photo Gallery
293: Downloads
294: Community Forums
295: Community Forums
296: Community Forums
297: Community Forums
298: Photo Gallery
299: Community Forums
300: Community Forums
301: Photo Gallery
302: Photo Gallery
303: Downloads
304: Photo Gallery
305: Photo Gallery
306: Community Forums
307: Community Forums
308: Community Forums
309: Community Forums
310: Community Forums
311: Community Forums
312: Photo Gallery
313: Downloads
314: Community Forums
315: Home
316: Downloads
317: Community Forums
318: Community Forums
319: Community Forums
320: Community Forums
321: Photo Gallery
322: Photo Gallery
323: Your Account
324: Community Forums
325: Community Forums
326: Community Forums
327: Community Forums
328: Community Forums
329: Community Forums
330: Community Forums
331: Community Forums
332: Community Forums
333: Community Forums
334: Photo Gallery
335: Photo Gallery
336: Your Account
337: Community Forums
338: Photo Gallery
339: Home
340: News Archive
341: Home
342: Home
343: Community Forums
344: Home
345: Community Forums
346: Home
347: Photo Gallery
348: Community Forums
349: Photo Gallery
350: Home
351: Community Forums
352: Community Forums
353: Photo Gallery
354: Downloads
355: Home
356: Community Forums
357: Community Forums
358: Community Forums
359: Photo Gallery
360: Community Forums
361: Downloads
362: Community Forums
363: Community Forums
364: Community Forums
365: Home
366: News
367: Community Forums
368: Community Forums
369: Community Forums
370: Community Forums
371: Community Forums
372: Home
373: Community Forums
374: Community Forums
375: Community Forums
376: Downloads
377: Community Forums
378: Community Forums
379: Community Forums
380: Community Forums
381: Photo Gallery
382: Community Forums
383: Community Forums
384: Community Forums
385: Community Forums
386: Photo Gallery
387: Statistics
388: Home
389: Community Forums
390: Home
391: Community Forums
392: Community Forums
393: CPGlang
394: Community Forums
395: Photo Gallery
396: Photo Gallery
397: Home
398: Home
399: News Archive
400: Home
401: Community Forums
402: Member Screenshots
403: Community Forums
404: Community Forums
405: Photo Gallery
406: Community Forums
407: Photo Gallery
408: Community Forums
409: Photo Gallery
410: Community Forums
411: Community Forums
412: Statistics
413: Downloads
414: Community Forums
415: Downloads
416: Community Forums
417: Community Forums
418: Community Forums
419: Community Forums
420: Home
421: Community Forums
422: Community Forums
423: Community Forums
424: Community Forums
425: Community Forums
426: Community Forums
427: Community Forums
428: CPGlang
429: Community Forums
430: Photo Gallery
431: Community Forums
432: Photo Gallery
433: Photo Gallery
434: Community Forums
435: Community Forums
436: Community Forums
437: Community Forums
438: Photo Gallery
439: Downloads
440: Community Forums
441: Community Forums
442: Community Forums
443: Community Forums
444: Community Forums
445: Community Forums
446: Community Forums
447: Community Forums
448: Downloads
449: Community Forums
450: Community Forums
451: Community Forums
452: Community Forums
453: Photo Gallery
454: Community Forums
455: Community Forums
456: Community Forums
457: Community Forums
458: Community Forums
459: Home
460: Photo Gallery
461: Community Forums
462: News Archive
463: Photo Gallery
464: News
465: Community Forums
466: Home
467: Community Forums
468: Your Account
469: Community Forums
470: CPGlang
471: Community Forums
472: Community Forums
473: Community Forums
474: Supporters
475: Community Forums
476: Photo Gallery
477: Community Forums
478: Community Forums
479: Community Forums
480: Statistics
481: Community Forums
482: Community Forums
483: Home
484: Photo Gallery
485: Community Forums
486: Member Screenshots
487: Photo Gallery
488: Photo Gallery
489: Community Forums
490: Community Forums
491: Photo Gallery
492: Photo Gallery
493: Photo Gallery
494: Community Forums
495: Community Forums
496: Community Forums
497: Home
498: Photo Gallery
499: Photo Gallery
500: Community Forums
501: Community Forums
502: Photo Gallery
503: Community Forums
504: Community Forums
505: Photo Gallery
506: Community Forums
507: Community Forums
508: Community Forums
509: Community Forums
510: Community Forums
511: Community Forums
512: Community Forums
513: Community Forums
514: Community Forums
515: Community Forums
516: Community Forums
517: Community Forums
518: Community Forums
519: Downloads
520: Downloads
521: Community Forums
522: Community Forums
523: Photo Gallery
524: Community Forums
525: Community Forums
526: Community Forums
527: Community Forums
528: Community Forums
529: Community Forums
530: Community Forums
531: Photo Gallery
532: Community Forums
533: Photo Gallery
534: Community Forums
535: Community Forums
536: Community Forums
537: Community Forums
538: Photo Gallery
539: Home
540: Home
541: Community Forums
542: Statistics
543: Statistics
544: Home
545: Community Forums
546: Photo Gallery
547: Photo Gallery
548: Photo Gallery
549: Home
550: Community Forums
551: Home
552: News
553: Community Forums
554: Community Forums
555: Community Forums
556: Your Account
557: Community Forums
558: Community Forums
559: Photo Gallery
560: Downloads
561: Community Forums
562: Photo Gallery
563: Community Forums
564: Community Forums
565: Community Forums
566: Community Forums
567: Community Forums
568: Home
569: Community Forums
570: Community Forums
571: Community Forums
572: Photo Gallery
573: Photo Gallery
574: Community Forums
575: Photo Gallery
576: Community Forums
577: Downloads
578: Community Forums
579: Photo Gallery
580: Community Forums
581: Community Forums
582: Photo Gallery
583: Photo Gallery
584: Your Account
585: Community Forums
586: Your Account
587: Community Forums
588: Community Forums
589: Statistics
590: CPGlang
591: Community Forums
592: Downloads
593: Community Forums
594: Community Forums
595: Community Forums
596: Community Forums
597: Community Forums
598: Community Forums
599: Community Forums
600: Community Forums
601: Photo Gallery
602: Community Forums
603: Your Account
604: Community Forums
605: Photo Gallery
606: Community Forums
607: Photo Gallery
608: Downloads
609: Community Forums
610: Photo Gallery
611: Community Forums
612: Community Forums
613: Photo Gallery
614: News Archive
615: Community Forums
616: Community Forums
617: Community Forums
618: Photo Gallery
619: Member Screenshots
620: Community Forums
621: Community Forums
622: Community Forums
623: Photo Gallery
624: Community Forums
625: Community Forums
626: Community Forums
627: Community Forums
628: Community Forums
629: Home
630: Photo Gallery
631: Community Forums
632: Community Forums
633: Home
634: Community Forums
635: Photo Gallery
636: Home
637: Community Forums
638: Home
639: Downloads
640: Community Forums
641: Your Account
642: Downloads
643: Community Forums
644: Photo Gallery
645: Community Forums
646: Community Forums
647: Downloads
648: Home

Staff Online:

No staff members are online!
Maximum Security: 94 Essential Tips for Staying Safe :: Archived
Resolve issues with your computer problems here or read about the latest computer parts and information.
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ›  Hardware

Topic Archived View previous topic :: View next topic  
Author Message
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 21, 2005
Posts: 7015
Location: Central Illinois, USA
PostPosted: Wed Nov 16, 2005 10:06 am
Post subject: Maximum Security: 94 Essential Tips for Staying Safe

This is a rather good article PC Mag and Michael J. Steinhart in particular Wink

While this is a long article and takes some time to read, it's my recommendation that all do read it to the end even if it's over several visits. IMO this is quite good and Kudos to Mike Steinhart and his efforts.

Maximum Security: 94 Essential Tips for Staying Safe
11.02.05


By Michael J. Steinhart

How security-savvy are you? Many users simply aren't. Your machine may have come with an antivirus program preinstalled, but is the subscription up to date? Are you running a firewall of any kind? Are you conducting regular spyware and adware scans?

Or do you not mind hackers and unscrupulous marketers mining your PC for personal data?

We're always telling you about the latest and greatest security products, but at the core of any strategy must be common sense, healthy skepticism, and a willingness to learn. If money's tight, there are plenty of free resources that can help you protect your system or systems. It doesn't hurt to have some experts on your side, either, and that's where we come in.

We've collected dozens of our best security tips and pointers, broken down by category: system, networking and wireless, e-mail, Web surfing, malware, and mobile. Whether you're a novice or a seasoned user, you'll find plenty of valuable advice for shoring up your defenses and maximizing your security.

System Security
11.02.05
Get in the Zone


Safe Out of the Box

New computers are often the most vulnerable to Internet and e-mail–borne attacks. Before you connect a new machine to the Internet, make sure that it is protected by a firewall and patched to the greatest extent possible. And if you're giving a PC or laptop as a gift this year, secure the machine before you give it to a novice user.

Put up a hardware firewall. Ideally, the PC is on a network with a hardware firewall. This will ensure that the devices behind it are protected against most attacks. If the PC is not on a network, purchase a firewall device. Any of today's home wireless and wired routers provide some firewall functionality.

Put up a software firewall. You'll also want a software firewall on each PC, to further block hack attacks and protect against misbehaving applications. Windows XP comes with a partial solution; you should make sure it's enabled until you get a better one. Prior to Windows XP Service Pack 2, it was called the Internet Connection Firewall (ICF), and it's pretty bare-bones. The firewall in Service Pack 2 (called the Windows Firewall) is much better, but it still prevents only inbound unwanted traffic. You really want a two-way firewall, such as ZoneAlarm Pro or Norton Personal Firewall, to stop unwanted outbound traffic�for example, attempts by spyware to send personal data to its creators.

Install SP2. Windows XP Service Pack 2 fixed many security holes in XP and improved the operating system's patching tool. The safest way to update a system to SP2 is to order a CD from Microsoft or download a complete copy of the service pack from downloads.microsoft.com to an already updated system, then burn it to a CD and put it on the new computer. If you have enabled the ICF, you can feel safe enough to go to the Windows Update site (www.windowsupdate.com) and install SP2 on the new computer.

Watch out for malware. Even with a firewall in place, you need to be wary of virus-infected e-mails, Web pages that exploit browser holes, and adware you could install unwittingly off the Web. Install an antivirus program and update it before surfing the Web casually or setting up e-mail. Set the antivirus program and Windows to retrieve and install security updates automatically. When your update subscription runs out, resubscribe. If a newer version of the antivirus software is available, upgrade. Out-of-date antivirus protection is no protection at all!

You've got adware. It's possible your new machine may come preloaded with adware, so you may want to install a good antispyware product, such as Spyware Doctor from PC Tools or Webroot Spy Sweeper, and scan the system before going online.

How suite it is. The easiest way to protect yourself and ensure the apps doing the job don't conflict with one another is to get a package, such as ZoneAlarm Security Suite, that includes antivirus, antispyware, antispam, and firewall.

Protection on the cheap. There are several good, free antivirus filters and software firewalls available, such as avast! 4 Home Edition and ZoneAlarm 6 free. Generally they're only for personal use, and they aren't quite as easy to configure as the commercial products. (Check out "Web Resources" by visiting go.pcmag.com/freeware.)

System Security

Restrict Access

Windows XP's User Accounts applet offers two levels of user security: administrator and limited. An admin account lets you do anything on the system, which leaves you at risk for any malicious program installing code at will. The limited account does not allow program installation or changes in system settings.
Restrict Access

Limit yourself. By default, XP asks for a user name on installation, assigns it administrator privileges, and boots directly into that user from then on. But you can set up a limited account by clicking on Start | Control Panel | User Accounts. Select Create a new account, and name the user. Click Next and select Limited user on the Account Type screen, then click Create Account. Use the limited account for day-to-day activities.

Set a password. For increased security, assign a password to every account with administrator privileges. From the User Accounts screen, click on the user and select Create a Password. Follow the wizard and add a password to the account. Don't use an obvious password such as "password," "admin," or your username.

Doors are locked. Some people don't want to set a password because it slows down the log-on process. But password protection is absolutely essential. If you're sure your system is in a safe location, however, you can use Microsoft's TweakUI PowerToy (www.microsoft.com/windowsxp/downloads) to log on to a specified account automatically. Click the plus sign next to Logon, select Autologon, choose Logon automatically at system startup, and specify a username and password. Note that an office is not a safe place. We recommend this only if you trust all your housemates and visitors, and if your PC is always in a secure location.

Quick fix. Unfortunately, the limited user account makes some applications, such as games, difficult or impossible to run. But you can log on as a limited user and still use incompatible programs by using the Run with different credentials option. First install the app. Windows may balk if you try to install from the limited account, in which case you have to log out and log back on as the administrator, or it may just ask for an admin's username and password. Once it's up and running, log off and log on to the limited user account. The app should run properly, but if it doesn't, right-click on its shortcut or menu item, select Properties, and click the Advanced button on the Shortcut tab. Now check the Run with different credentials box and click OK.

Note that Windows won't let a Limited user change a shortcut that's shared by all users. If an "Access denied" error message pops up when you click OK, cancel your changes and right-drag the shortcut to the desktop, choosing Copy. Now edit the resulting local shortcut as described above. When you double-click on the icon, you'll get a log-on dialog telling you to enter a username/password that has administrator rights.

System Security

Get in the Zone

Even if Internet Explorer isn't your default browser, its rendering engine is used for everything from the Windows Explorer file manager to the Active Desktop. So you're still exposed to any threat that exploits IE security holes. We recommend using security zones to manage the Internet, but by default the local machine, or "My Computer," is not available from the zone settings. You can, however, set a value in the Registry to make it available.

Close all browsers and instances of My Computer or Windows Explorer, then open RegEdit (Start | Run, type in regedit and press Enter). Navigate to the Registry key: HKEY CURRENT USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0. (Right-click this key and choose Export to create a REG file that you can launch to undo your changes if necessary.)

Find the value Flags and double-click on it. In the editing window, change the value to 1. Click OK and exit RegEdit.

Once you've made the change, go to Control Panel, open Internet Options and choose the Security tab. Select the My Computer content zone (you may have to scroll to the right) and then click on Custom Level to make changes. Be careful; security changes may affect the way some programs work. When in doubt, set IE to alert you rather than block questionable events.

System Security

Rolling Back Time

Use System Restore. Windows System Restore (in Windows Me and XP) lets you roll back the system settings and critical files if installing or uninstalling a program causes problems. The tool sets restore points on a regular basis and creates additional points before apps and drivers are installed. When your security tools can't clean an infection, try restoring your system to an earlier time before the malicious app arrived.
Rolling Back Time

To verify that System Restore is running, go to Control Panel | System and choose the System Restore tab.

System Restore for Windows 2000: Win 2000 doesn't include System Restore. You can, however, replicate much of its functionality. The Windows 2000 Backup program (Start | Programs | Accessories | System Tools | Backup) has a System State option under the Backup tab. On a normal Windows 2000 system, this backs up the boot file, the COM+ class registration database, and the Registry.

Disable System Restore temporarily (XP). Unfortunately, antivirus and antispyware tools cannot clean infections from restore points, so even if you've cleaned out some malware, a rollback may bring reinfection. We've also seen infected restore points cause the security software's alarms to go off at each scan. To stop this from happening, you'll need to disable System Restore.

From the System Restore tab (Control Panel | System) check Turn off System Restore on all drives. This will delete all restore points. After the cleanup, turn System Restore back on. Just repeat these steps and uncheck the box.

System Security

Using Safe Mode
Using Safe Mode

Starting your computer in Safe Mode is often one of the only ways to regain control after a crash or a virus or spyware attack. Windows usually blocks you from deleting any files that are currently running (including malicious software), and malware often makes sure it loads at start-up. Safe Mode bypasses many drivers and start-up programs; by going into this mode you may be able to remove the offending apps. (We've also found that simply booting into Safe Mode and then rebooting back into Normal Mode may make an unstable system more reliable.)
Getting to Safe Mode

To enter Safe Mode, you need to coax Windows into displaying the Startup menu. Depending on the version, this menu offers Normal or Safe Mode, and sometimes Safe Mode with networking, command prompt, and other options.

Getting to Safe with F8. You can get to the Startup menu by pressing a hot key during boot time, or using the System Configuration Utility (MSConfig, not available in Win 2000).

Typically, you enter Safe Mode by pressing F8 after powering up. Some systems may prompt you to start tapping the button at a specific time in the boot sequence with a signal, such as a small line or square in the upper left corner of the screen, or with a beep. Whatever the signal, when you receive it, press F8. If your BIOS is set for quiet mode, though, you probably won't see the signal.

Safe Mode the MSConfig way (XP). If you're using Windows XP, choose Run from the Start menu, type msconfig and press Enter. Select the BOOT.INI tab, enable the /SAFEBOOT option and click the OK button. If you're going to need network or Internet connectivity, check NETWORK here, too. When the system asks you to restart, click Restart and Windows will boot into Safe Mode. To restart in normal mode, reopen MSConfig, select the BOOT.INI tab, and uncheck /SAFEBOOT, then select the General tab and check Normal Startup.

System Security

Extend Your View

Malware files often use double extensions. By default, Windows hides file extensions; this feature may help a malware file trick you into thinking it's safe to open. A virus named prettywoman.jpg.exe, for instance, would appear as prettywoman.jpg. Change your settings to see the real extensions.

In Windows XP/2000, open My Computer, then click on Tools | Folder Options. Select the View tab, look for the heading Hide extensions for known file types, and uncheck the box.

Network & Wireless Security
11.02.05
How Secure Are You?


How Secure are You?

Get a checkup. Vulnerability scanners probe computers on the network for potential security holes, and some even give you instructions on fixing them. There are many excellent commercial scanners, such as Retina from eEye ( www.eeye.com ), the ISS Internet Scanner ( www.iss.net ), and AppDetective by Application Security ( www.appsecinc.com ), which scan for a large number of known problems and are updated as new issues are discovered. You can specify a particular system to scan or, if you give the tools an address range, they will find all systems and scan them for you.
How Secure Are You?

These are probably overkill for a home network. Instead, you could try the NeWT security scanner, a free tool from Tenable Network Security ( www.tenablesecurity.com ). Microsoft also offers a free tool, the Microsoft Baseline Security Analyzer ( www.microsoft.com/tech...ahome.mspx ), which scans single systems or systems across a network for common misconfigurations and missing security updates. If you administer a business network, you should use these free tools in addition to a commercial scanner.

Scan from within and without. Scans run inside the network probe for vulnerabilities from the perspective of a user already logged on. If you have a firewall in place, your internal environment is protected from many outside threats. Run the scanner from outside your network and tell it to scan your outside IP address. Look for open ports and make sure they're all being used for the applications you want.

Be cautious. Vulnerability scanners can generate a flood of warning messages, many of them doing nothing more than telling you that you did something (like open port 80 on your Web server) that you plainly intended to do. So don't assume the scanner knows more than you, especially when it gives the warning a low priority. Take advice from these programs as suggestions, not orders.


Network & Wireless Security

Wireless? Go WPA

Even the people who designed WEP (Wired Equivalency Privacy, the first-generation wireless security protocol), admit that it's a weak protocol that's easily outwitted. The next generation, WPA (Wi-Fi Protected Access), is a much better solution, but it's not necessarily available for your old Wi-Fi equipment. Linksys, for example, includes WPA support in all its 802.11g equipment, but added it to only a few of the older, 802.11b devices. See "Wireless Security: WPA Step by Step" at go.pcmag.com/WPA to learn how to upgrade your equipment to WPA.

WPA provides enterprise mode, in which users enter individual usernames and passwords that are checked by a special server, and personal mode, where everyone uses the same shared password. That password is used as a key for encrypting all the data on the network. In our experience, we've found that all home users and almost all small businesses will get along fine with the shared password mode.

A relatively new WPA2 that implements even stronger encryption than WPA is beginning to appear in products. The improvements are benign overkill for home users, but WPA2 is backward-compatible with WPA, so there's no reason not to buy it.

For the best protection, use a passphrase of at least 20 characters and write it down somewhere safe.

Network & Wireless Security

Avoid Windows Messenger Spam

If you're using Windows XP or Windows 2000 and connect directly to the Internet, you can fall victim to Windows Messenger Service pop-ups. This is not related to any instant messaging app, but to an arcane network utility called Net Send.

The Net Send message service was used by network administrators to send pop-up messages to all users (like "The server's going down in 5 minutes, so save your work and shut down"), and to let users send notes to one another.
Avoid Windows Messenger Spam

By default, Windows XP and 2000 both have this service running when you start your computer, with the result that when you are connected to the Internet, anyone who knows your IP address can send you a pop-up message that looks like a Windows alert, not an ad. Some spammers scan through a series of Internet addresses and find computers that have this service turned on. When they find one, they send it a message.

Turn off Net Send. In Windows 2000 and XP, you can turn off the Messenger Service by clicking on the Start button, then selecting Run and typing Services.msc. Press Enter. In the Services window, scroll down to the Messenger entry. Double-click on it to bring up the Messenger Properties window. First click the Stop button to end the Messenger Service. Once the Service status is tagged Stopped, click on the Startup type drop-down box and select Disabled. Now click on OK. You will be brought back to the Services window, and the Messenger Properties window will now say Disabled under Startup type. Close the window and you're done.

Or keep it on. The fix above can eliminate the problem, though it can sometimes get in the way of legitimate application alert functions from antivirus programs, print spoolers, or a UPS device.

If you find that you must keep the Net Send Messenger Service running, you can block external messages using a firewall. When using a hardware or software firewall, block inbound NetBIOS and UDP protocol broadcast traffic. When setting up a personal firewall, such as ZoneAlarm, you may need to create exceptions for your own subnet, or for individual machines with which you want to share data.

Network & Wireless Security

Working on the Chain

Some browser hijackers insert themselves into the Windows Winsock (Windows Sockets) component�the mechanism that applications use to make Internet connections�and when they're removed they leave the component broken and unable to connect.
Working on the Chain

The new Winsock 2, installed by upgraded versions of Internet Explorer and native to Windows XP, incorporates a feature called Layered Service Provider (LSP), which allows third-party vendors to insert their own code�for monitoring or content filtering�into the Winsock data stream. The feature is also used by spyware companies to facilitate their own monitoring. When a legitimate program (such as Net Nanny or Cybersitter) is uninstalled, it patches up the Winsock. Spyware products don't always extend the same courtesy.

When the Winsock is broken, you may be able to use IM but not e-mail and Web browsing. This odd behavior makes troubleshooting difficult, because you're connected to the Internet and you have an IP address, but the browser still won't work.

The easiest way to fix the broken chain is to use a freeware utility called LSP-Fix. This utility is primarily for Windows 98, though it works on Windows Me, 2000, and XP. It is available from Counterexploitation, a Web site dedicated to identifying and removing spyware, adware, and other malicious programs, at www.cexx.org/lspfix.htm. LSP-Fix works by "reconnecting" the disconnected layers in the Winsock stack. In most cases it can repair the damage without further problems.


E-mail Security
11.02.05
Don't Get Attached


Don't Preview

We all know we shouldn't open unknown attachments, but having the message preview pane enabled in Outlook or Outlook Express can automatically open messages that may infect your system. Note that if you have Service Pack 2 installed (as we recommended in the first section), Outlook and OE do prevent many problematic items from displaying in the preview pane, but it's safer to disable it entirely.

In Outlook Express, select View | Profiles | Preview Pane and turn it off.

In Outlook 2000, select View | Preview Pane (it's a toggle, click on, click off).

In Outlook 2003, select View, then Reading Pane, and click Off.

E-mail Security

Don't Get Attached

Block attachments in Outlook. Not opening attachments is probably the best way to prevent infection. Outlook 2003, Outlook 2002, and Outlook Express 6 come configured to block dangerous attachments automatically; in Outlook Express you can turn the blocking off, but in Outlook 2003, it's always on. You can also update Outlook 98 or Outlook 2000 to include attachment blocking.

Block attachments in OE6. If you're using Outlook Express 6 and extension blocking is off, click on Tools, then select Options. Select the Security tab, and click the check box for Do not allow attachments to be saved or opened that could potentially be a virus.

Early warning. In Outlook Express, check the box marked Warn me when other applications try to send mail as me for a little extra protection.

Add to the block list. What about ZIP, PIF, and other file formats that could hide malware? These aren't stopped by default, but the Microsoft Knowledge Base article at support.microsoft.com/kb/837388 describes how to add extensions to Outlook's block list; unfortunately, it doesn't work with Outlook Express. The technique requires editing the Registry, but it is basically the same for Outlook 2000, 2002, and 2003.

Here are the steps for home users (non-Exchange environments) using Outlook 2003. For Outlook 2000, substitute a 9.0 for the 11.0 in the HKEY. For Outlook 2002, substitute 10.0. We recommend backing up this Registry key before using the editor.

Click Start | Run, type regedit, and then click OK. Locate and then click the following key: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security. On the Edit menu, point to New | String Value. Type Level1Add, and then press Enter. On the Edit menu, click Modify. Type <, then a list of the attachment file extensions (separated by semicolons, not spaces), then >. For example, you would type .zip;.pif if you wanted to block both formats from appearing in the e-mail message as an attachment. The value string would look like this: <.zip;.pif>

Unblocking files. If you need to open up access to a blocked attachment, you can use the Level1Remove key. Surf over to Slipstick Systems (www.slipstick.com) for instructions and a full list of the blocked extensions, as well as a list of tools that let you add or remove attachment blocking without editing the Registry.

E-mail Security

Return to Sender

Clever spoofs. An unwelcome side effect of the latest worms is the barrage of undeliverable mail. Many viruses use "undeliverable" or similar messages in the subject line so users will be duped into opening the message and infecting their machines. Also, e-mail viruses deliberately spoof the return address when sending themselves to a harvested list. This prevents legitimate nondelivery messages from alerting the victim to the virus's presence�and dumps irrelevant nondelivery messages on the owner of the spoofed address. In either case, delete the message without opening it.

Check the header. If you think that it might be from a legitimate address, right-click on the message line in the Outlook Inbox and select Options to view the header (do not double-click, or you'll open the message). In Outlook Express, right-click, select Properties, and choose the Details tab.

Even though the header seems indecipherable, you can use it to find out whether a real correspondent bounced back the message. Check the To: area for a legitimate e-mail address; if you find one, this is a real undeliverable response for the server where that e-mail was sent.

E-mail Security

Certified Mail

How do you know that e-mail from your mom is really from her? You don't. E-mail doesn't have any built-in authentication. There are efforts under way to add authentication between e-mail servers, but personal authentication options have been around for years. Your mom just needs her own digital certificate.
Certified Mail

Buy a certificate. When you receive a message that is digitally signed, it comes with a seal icon. Double-click on it, start exploring, and you'll find information about the sender, and, potentially, a certificate authority. This is a company that issues certificates (typically for a fee) and vouches for the information in them. To get a certificate in Outlook, click Tools | Options and go to the Security tab. Click the Get a Digital ID… button near the bottom. This will open the browser to a Microsoft page with information on digital certificate vendors.

Or get one free. There are tools you can get for free to generate unique certificates, but if they are not held by a public authority, all they can prove is that the message wasn't tampered with. A better idea is to visit thawte (www.thawte.com), a subsidiary of VeriSign that offers personal certificates for free.

Certification pays. Digital certificates let you encrypt message contents and prove that they have not been tampered with, and AOL Instant Messenger (among other apps) can use your certificate to authenticate your ID.

Use Outlook for encryption. S/MIME (or Secure Multipurpose Internet Mail Extensions) is the standard for encrypted and "signed" e-mail. All recent versions of Microsoft Outlook and Outlook Express, Eudora, and Netscape Messenger support it, but no product makes working with certificates easier than Outlook.

E-mail Security

Something's Phishy
Clever Spoofs

When searching for bargains on the Internet, be very skeptical of sites with which you don't have a relationship and which you don't know from reputation. Scammers put a lot of work into search-engine placement to attract deal-hunters. Links to these shady stores lead to a checkout screen asking for the card name, number, expiration date, and CVV (card verification value). After you provide the information, you're brought to a page that says an error has occurred and you should pay by postal money order. This means some victims could actually lose their credit card information and the value of the money order.

E-mail Security

Don't Be a Spam Magnet

Spammers make money not just by spreading advertisements, but by reselling their lists, and the more live people on the list, the more valuable it is.

Don't buy it. The worst thing you can do is buy something from a spammer. It puts you on a list of "real live ones."

Don't unsubscribe. Don't click the Unsubscribe or Click here to be removed from our list links at the bottom of spam messages. Doing so lets spammers know your address is valid. Note that many legitimate sites�such as e-tailers�also provide an unsubscribe link with their e-mail messages, and those are honored.

Don't open or preview. Spammers can confirm your existence when you open an HTML spam message. Through images on the page, or "Web bugs," the spammer's server gets alerted that you opened the e-mail. The latest versions of Outlook and Outlook Express address this by not downloading images unless you tell the program to do so. If you don't know the sender, don't get the pictures.

Web-Browsing Security
11.02.05
Get Inside


Internet Explorer's default settings, while allowing you to enjoy all the Web has to offer, can sometimes be too open. Here are some ways to tighten up IE's security.

Web-Browsing Security

Get Inside

Open Control Panel | Internet Options to access Internet Explorer's settings. In the Internet Properties dialog, select the Security tab, then click on the Custom Level button. You can scroll through all the available settings. In each instance, you have the option of Enabling, Prompting, or Disabling the function.

Disable by default. In most cases, it's best to disable something questionable. If you choose to be prompted, you may end up with many more annoying alerts than you've encountered in the past.

Prevent pop-ups. Completely preventing active scripts from running is a drastic move, as many sites use scripting for legitimate purposes. However, if you frequent sites that pop up dozens of extra windows, try this: Scroll down the Security Settings list to Scripting and disable all settings (in IE 6, it's three settings). You may also want to disable ActiveX controls; certainly don't automatically enable them. You can also block signed controls (which have a valid certificate) or unsigned ones. In Medium security mode, unsigned controls are disabled, signed ones are allowed.
Get Inside

Establish trust. What if you want to disable scripting for most pages, but want to look at PCMag.com or eBay without a flurry of alerts? IE has settings that let you manage these "trusted" sites without compromising general security. To add often-visited Web sites to the Trusted category, choose Tools | Internet Options from the menu and click the Security tab. You will see icons for several "Web content zones." Click on the "Trusted sites" zone icon, and then click on Sites. Type in the domain of the trusted site, such as ebay.com, and click Add. You may need to uncheck the box titled Require server verification (https:) for all sites in this zone. IE will prefix the domain with the "*" wildcard character, though you won't see it until you exit and reenter. When you're done, click on OK. Trusted sites get a Low-level security rating, which allows downloading content such as ActiveX controls and plug-ins, cookies, and all scripting. IE will still block unsigned ActiveX controls.

Why am I still getting alerts? If you've set scripting and ActiveX control downloads to Prompt, you may still get warnings on trusted sites. This is usually because the site supports banners or ads that are hosted by nontrusted domains.

Web-Browsing Security

Be Different

Switch browsers. Most virus, worm, and spyware writers go after the largest targets. That's the primary reason they tend to attack Windows and Internet Explorer. An easy step to reduce your risk is to switch to the free browser Firefox, or to Opera (which is now ad-free, too). Moving to a lower-profile browser isn't a magic bullet, though, so keep your security settings on the alert.

Switch OSs. A more radical step, but worth consideration, is to move off the PC platform entirely and buy a Mac, or use Linux, which runs on most existing hardware. It's questionable whether these non-Microsoft products' code is any more secure, but simply because they move below the radar they're less susceptible to attack.


Web-Browsing Security

Change Your Layout

A fairly common technique used by phishing attacks changes the URL displayed in the Internet Explorer address bar by popping up a tiny window over it with the false address.

One of the reasons this works is that the address bar is usually in its default location. If you move the address bar, the window still pops up, but it's obvious that it's a false address, because it appears in the wrong place.

Move it. You can move any of the menu or button bars in Internet Explorer by clicking and dragging the vertical line of dots at the left end of the bar. If you have trouble moving these toolbars, they may be locked. Right-click on an empty toolbar area and uncheck Lock the Toolbars.

Web-Browsing Security

Don't Get Jacked

Browser hijacking is one of the most common ailments facing home and corporate users. You surf to a site, and all of a sudden, your browser defaults to a specific search engine and your home page is different. The scammers responsible even monitor the results of targeted advertising (usually in the form of pop-ups) in your browser.

Most of these annoying pages are just pushing a product or service, but some hijackers are accompanied by Trojan horses and backdoors that let vendors download updates and collect keystrokes and other data.

Be skeptical. Most hijacks come through user interaction. If you get a pop-up asking you to download a special viewer, free software, or, in its simplest form, change your home page, click No or close the window.

Stay updated. Make sure you've got all the Windows updates and that your antivirus program has the latest signatures. Most can stop these hijacking Trojans at the front door.

Clean up. If you fall victim to a hijack, use a spyware scanner (such as the free Micro-soft Antispyware beta, Spy-Catcher Express, Ad-Aware, or Spybot Search & Destroy) to root out the bad code.


Anti-Malware Security
11.02.05
Fakes A-Poppin'


Changing Antivirus Protection

Most antivirus products provide a year of updates once you open the box, with the option to buy extended update plans. But sometimes you may want to switch to a new product, either by the same or different vendor. Remember, antivirus products don't coexist well. Even if a product is out of date, if it is configured for on-access scanning, it is "watching" your file and Internet access. Many also use an e-mail proxy, which redirects incoming and outgoing mail through a scanner, all of which can either conflict with new antivirus products, or at best, hurt performance.

Out with the old. Uninstall and remove your old antivirus before installing the new product. If your old software is reasonably up to date, do one last scan before uninstalling to be sure to start clean. It's especially important that your software firewall (or at least the Windows Firewall) be active during that time period from when you uninstall one product to when you install the other.

In the meantime. If the old software is more than a week out of date, use an online scanner, such as Trend Micro's free HouseCall, McAfee's Stinger tool, or Panda Software's ActiveScan (see Web Resources for Getting Rid of Malware for more free apps). Before you uninstall, close all Web pages and your e-mail client to minimize exposure.

Disable first. You may get a warning to disable the antivirus before uninstalling, which you can do with most products by right-clicking on the icon in the system tray (next to the clock in the lower right of the screen). If the product asks whether you want to delete the quarantine or backed up files, say yes, as the new AV will probably find them when it installs.

In with the new. Install the new product and update its definition files immediately. Do a full drive scan. Finally, make sure that the on-access scanner is enabled.


Anti-Malware Security

Fakes A-Poppin'

What do you do when you get a pop-up warning out of the blue that you might have a security problem? The scammers behind what purports to be security software like to take advantage of nervous users. Clicking anywhere in this ad, whether on the phony "Yes" or "No" buttons or anywhere else, takes you to the vendor Web site, where you can download their product. Our advice is: Ignore these messages and close the windows immediately by pressing Alt-F4.

Unmask the impostor: These pop-ups look very much like Windows dialogs and even menus. How do you recognize that a window is really a pop-up ad?

First, even if a window presents a dire message, don't panic. If you look at the title bar and status bar, the top and bottom of the window, you can tell that it is an Internet Explorer window. This is a clue, but not conclusive proof that the window is not a security warning.

Full proof. If you're still curious, though, right-click on it and select Properties. You should be able to see the originating site. A real IE-based dialog box from Windows would have a nonstandard address starting with something like res:. A Web ad will have an ordinary URL.

Anti-Malware Security

Spyware-Fighting Tools
Spyware-Fighting Tools

Pop-ups be gone. Google, MSN, and Yahoo! all offer free pop-up blockers. Opera and Firefox have ones built in, and Windows XP Service Pack 2 adds one to Internet Explorer. Many good antivirus suites now also come with pop-up blockers, so there is no need to actually buy one. But use a blocker from a company that you trust.

Tougher threats. Rogue or suspect anti-spyware programs advertise through the very pop-ups that they claim to remove, and often badger a user with high-pressure tactics.

One of the hallmarks of these products is that they are free to download and scan, but if you want to clean your system, you must purchase a license. Some of these will produce false positives, claiming spyware infections to further convince you to buy. The most insidious of the lot, dubbed extortionware, uses malicious installations, blocks removal, and sometimes causes connectivity problems, unless you buy the product. A few of these rogue products will actually be spyware themselves, recording data and reporting back to their vendors' sites.

How do you tell the difference? As a general rule, if a vendor uses a pop-up ad to advertise that it rids your system of pop-ups and spyware, you should consider it suspect. Although some good commercial antispyware products offer free scans, legitimate ones will not state in an ad that they already detect an infection.

Get help. SpywareWarrior.com lists over 90 applications that have been tested or are suspected to be of unknown or dubious value as spyware protection. Also check out SpywareGuide (www.spywareguide.com), which offers information and tips.

Read the fine print. Keeping your system clear of spyware, adware, and malicious programs takes diligence and awareness. Pay attention to requests to download software to your machine. Don't agree to anything until you read the End Use License Agreement (EULA). If something sounds fishy, close the browser.

Anti-Malware Security

Here's Your Host
Here's Your Host

When you type in a Web address, such as www.pcmag.com, the browser contacts a central DNS (Domain Name Services) server, which looks up the site and translates it to a numeric IP address. But every copy of Windows has a mini-DNS called the hosts file, and the browser checks that first before reaching out to a DNS server somewhere on the Net.

This hosts file is a favorite target for viruses, spyware, and browser hijackers, which can, for example, use the hosts file to direct all requests for Yahoo! or Google to their own search page by listing the domains, but pointing them all to a single IP address. Some viruses and worms use the hosts file to block access to antivirus sites, too, pointing their domains to your own system, represented by the Localhost address of 127.0.0.1.

Fixing a hosts file is actually pretty easy�you just edit it in Notepad. You'll find it under the Windows folder. In Windows XP, it's in C:\Windows\System32\Drivers\Etc; in Windows 2000, it is C:\Winnt\System32\Drivers\Etc.

The lines in the file that begin with pound (#) are comments, so the only active line is the last one, which directs Local-host to the IP address 127.0.0.1.

Hosts that have been hijacked may look like this:

66.250.107.100 msn.com

66.250.107.100 www.msn.com

66.250.107.100 search.msn.com

66.250.107.100 auto.search.msn.com

Any attempt to access MSN would open up this alternate page.

It could also look like this:

127.0.0.1 localhost

127.0.0.1 liveupdate.symantec.com

127.0.0.1 update.symantec.com

127.0.0.1 download.mcafee.com

127.0.0.1 www.symantec.com

127.0.0.1 www.sophos.com

Now you'll get an error whenever you try to access these antivirus sites.

To fix the file, you can delete everything in it except the Localhost listing. If that line is missing, create a simple text file with only one line�127.0.0.1 localhost�and save it as the file name "hosts" (no file extension) to the same folder.

Note that you can also use the hosts file to block unwanted sites, by adding the site address to the list and redirecting it to Localhost.

Anti-Malware Security

Identify Nasties

Many malicious programs, and even some well-meaning ones, add junk to the start-up folder. Memory clutter is one of the main causes of slow booting, slow running, and general system instability. The more things load at start-up, the slower the boot process, and the less room later for other programs.

Run MSConfig. The System Configuration Utility lets you edit the programs that Windows loads at boot time. Click on Start | Run, type in msconfig, and hit Enter. Use the Startup tab to enable or disable all or individual files. Disabling all files can be used to narrow down a problem. In most cases, disabling all start-up items will allow Windows to boot cleanly, after which you can add back files, such as the user interface for antivirus and firewalls that run at boot time. Important note: If you're using MSConfig, be careful not to make any changes in the Services tab.

Use a Start-Up Manager. A start-up manager such as Absolute Startup (go.pcmag.com/absolutestartup) or our own Startup Cop Pro (go.pcmag.com/utilities) gives you much more control over which apps can run at start-up.

Identify bad files. How can you tell which start-up files are good and worth keeping? Many times you can get an idea of what a file is by looking at the Command or Location column in MSConfig. The command is the executable file and command line string used to start a file. The location shows where the command is executed from, usually a Registry key or the Windows Startup folder.

If that doesn't work, visit www.sysinfo.org and check its database to determine whether a file is required or associated with the system, with applications, or with malicious code.

You can also search for the filename on Google. The results often include a definition from AnswersThatWork.com or the WinTasks Process Library (www.liutilities.com/products/wintaskspro/processlibrary). WinTasks can also help you sort out processes in the Windows Task Manager. The PC Magazine Premium Utility TaskPower provides similar functionality.

Once you've ID'd a file, you can enable or disable it. When you're done, click OK (or Apply and OK). Windows will ask you to reboot, and then it'll display a warning box that tells you it's using selective start-up. Clicking OK launches MSConfig again. You can bypass this by clicking the Don't show this again option.


Anti-Malware Security

Picking Up the Pieces

Spyware removers don't always clean out all the fragments of everything they delete.
Web Resources for Getting Rid of Malware

Not to worry. The basic issue is whether there's anything left that can run, and most often, there isn't. But for those who like a system scrubbed really clean, a spyware removal tool can get you to the point where you can search manually for and remove the remainder. It's easier if the fragments are stored in well-named Registry keys and directories, but if the program hides in the Windows System directory, detection is harder.

Do another scan. Scan with another program. The second scan may flag fragments as proof that the malware isn't gone, but that will help you locate and remove them. As long as you are careful to run only one resident scanner at a time, you should see no conflicts.

Mobile Security
11.02.05
Kiosk Safety


Stay Cool at Hot Spots

Surfing the Web at your local coffeehouse is great, but the guy sitting a few seats away could be surfing your laptop, downloading personal or corporate data. Public wireless hot spots often let hackers store and retrieve data with relative ease. You need to do two things:

Disable file sharing. In Windows XP, open Control Panel and select Network Connections. Right-click on the wireless adapter and select Properties. On the General tab, scroll the list of items the adapter uses and uncheck File and Printer Sharing for Microsoft Networks.

Use a personal firewall. Use a product that supports security zones, such as Norton Personal Firewall or ZoneAlarm. The firewall will sense that you're on a new network and ask you whether you trust the network. You don't.

Mobile Security

Kiosk Safety

Public computers at Internet cafés, libraries, and airports are convenient, but they require heightened vigilance.

Look around. Make sure nobody's able to glance at your screen or keyboard.

Beware of keyloggers. Many public computers are locked down, so no additional software can be installed except by the administrator. But there's a chance a hacker could install a Trojan keylogger to capture keystrokes, and an industrious crook could use a hardware device�such as the KeyGhost Hardware KeyLogger�that connects between the keyboard and PC. The KeyGhost device can be mistaken for part of the normal keyboard cable. If you can, check where the keyboard plugs into the back of the machine to make sure there isn't an extra plug. If there is, find another PC.

Another clever workaround is to click Start | Accessories | Accessibility | On Screen Keyboard and type your password in using the mouse, or type your password with one or more strings of junk in the middle, then delete the junk using the mouse.

Don't tip your hand. We recommend that you avoid typing any sensitive data at public kiosks. Also, don't walk away from the computer while you're logged in. Many sites (such as eBay) set cookies for an online session so if you close the browser and reopen it, you don't have to log on again. If you close the browser and walk away, the next user could pick up where you left off. Microsoft Passport and Yahoo! accounts can also be persistent. If the kiosk has Windows XP, it could ask if you want to associate your Passport account to the Windows XP account. Be sure to say no!

Clean your tracks. Be sure to delete your electronic trail of temporary files, cookies, and surfing history. If you're using Internet Explorer, click on Tools | Internet Options. On the General tab, click on Delete Cookies, Delete Files (and be sure Offline content is checked), and Clear History.

Still in Internet Options, click the Content tab, then click the AutoComplete button. In the resulting dialog box, click the Clear Forms button and the Clear Passwords button.

If you downloaded any documents, delete them too. If you edited any documents, clear the "recently used documents" list. In Windows XP, right-click on the taskbar at the bottom of the screen and select Properties. Select the Start Menu tab; click on Customize | Advanced. Now click on the Clear List button for Recent Documents. Lastly, empty the trash to purge any deleted files.


Mobile Security

Security Is Key

To better protect yourself when using computers other than your own, especially public PCs, carry around a USB memory drive loaded with mobile security tools. We covered several in "The Ultimate USB Key" (go.pcmag.com/ultimateusb).

Use a password manager. Siber Systems' Pass2Go (www.pass2go.com), for example, lets you store all your passwords on the key and fills in log-on forms in IE and Firefox automatically, evading some types of keyloggers. All data can be encrypted with a master password; even if a keylogger captures this password, it's of little use without the physical key.

Scan before you surf. Antivirus and antispyware apps that run from the key can make sure that the system is clean before you use it. Just make sure to update these tools' definitions before scanning.

Keep your apps to yourself. Self-contained versions of apps like Firefox and Open-Office.org, ported by John Haller (www.johnhaller.com), let you surf the Internet and edit your documents without touching the host PC's browser or office suite.

P.I. Protector Mobility Suite 3.0 (go.pcmag.com/piprotector) lets you keep your e-mail on the USB key, and while the protector is running, all of your temporary files also reside on the key. When you shut it off and pull out, no trace is left. The new U3 Smart Drive keys make running apps like these even easier.

Bring your own OS. Note that some mobile apps do create temp files on the host system's hard drive. If the app crashes, there's a chance it may not have cleaned up properly. For even greater protection, there are versions of Linux that can run off a USB key, and the Knoppix distribution of Linux runs off a CD. If you can boot to the key, any threats that may be lurking on the host's hard drive will never see your data.

Powerful Passwords
11.02.05
Passwords


Most PCs and lots of personal data, such as bank records and Web mail access, are guarded only by a username and password. Usernames are fairly easy to guess and often pre-filled in, so you need to make sure your passwords are strong�not easily guessed or cracked by "dictionary" attacks that throw millions of letter combinations at the dialog. Many of the most widespread Internet worms have built-in dictionaries of common passwords, and once they are running on your system, they can attack your computer and others on your network.

* Don't use any part of your username, full name, address, birth date, and so on. This data is readily available to intruders.
* Don't use English or even foreign words.
* Make sure your password is at least six to eight characters long. In fact, the longer the password, the better.
* Use different kinds of characters in your password. At the very least, your password should contain uppercase letters, lowercase letters, and numbers. If you're comfortable with non-alphanumeric symbols (such as #@!&) or extended ASCII characters (which you can access by holding down Alt and typing on the number pad), use them.
* Change passwords every month to six weeks.
* Don't write your passwords on a sticky note and post it on your monitor.
* If you need to keep a repository of passwords, use a utility like RoboForm Pro (www.roboform.com) that keeps an encrypted list of all your passwords under a single master password. These programs can also generate strong passwords to your specifications.
* Don't recycle old passwords or use the same one for several different applications.
* Use a word you know, but substitute punctuation and numbers for letters. For example, coffee could become C0FF33 and Indiana_Jones could become 1nd1@n@_j0n3s.
* Use a passphrase�a group of words, as opposed to a single word. If you're a Beach Boys fan, "It's not a big motorcycle, just a groovy little motorbike" might be a good passphrase.

Note that not every security system lets you use passwords this long, or even ones that have embedded spaces. Some e-commerce sites, for example, will allow you only 8- to 12-character alphanumeric passwords. But since Windows 2000, Windows has allowed passphrases with up to 127 characters.

Web Resources for Getting Rid of Malware
11.02.05


The Internet is teeming with threats, but it's also home to hundreds of helpful sites, free software, and real-life volunteers who will help you scan, identify, and get rid of malicious code.

Helpful Sites:

* HijackThis (www.merijn.org) is a free spyware scanner; you can post its logs to www.spywarewarrior.com or SpywareInfo (spywareinfo.com). The friendly experts there will review them and provide detailed, individualized instructions for cleaning your system.
* Scumware.com is a friendly and plain-English site with instructions on how to detect and remove various adware and malware programs.
* MajorGeeks.com has malware information for the more advanced user.

If you're not sure whether a file is malicious, you can upload it to sites such as VirusTotal (www.virustotal.com) and virusscan.jotti.org, each of which uses over a dozen scanning engines to determine the nature of the file. You can also attach a file to an e-mail message and send it to scan @ virustotal.com with the word SCAN as the subject line. You will receive an e-mail report of the scan.

Discussion Forums and Download Resources:

* Wilders Security Forums (www.wilderssecurity.com)
* ComputerCops forums (castlecops.com/forums.html)
* cexx.org Message Boards (boards.cexx.org)

Free Virus Scanners:

* Trend Micro Housecall (housecall.trendmicro.com)
* McAfee Free Scan (us.mcafee.com, registration required)
* Symantec Security Check (security.symantec.com)
* RAV AntiVirus (www.ravantivirus.com/scan)
* Panda ActiveScan (www.pandasoftware.com/activescan, registration required)
* Computer Associates (www3.ca.com/securityadvisor/virusinfo/scan.aspx, download required)
* Avast! (www.avast.com, registration required)
* Kaspersky Antivirus (www.kaspersky.com/scanforvirus, upload required)
* GrisSoft AVG (www.grisoft.com/doc/40/lng/ww)
* Norman Antivirus (www.norman.com , 30-day trial)



There you have it! Hope you learned something... Wink

Back to top
View user's profile Visit poster's website Photo Gallery
Uhu_Fledermaus
Aircraft Demolition Expert

Offline Offline
Joined: Nov 28, 2004
Posts: 4369
Location: Blaricum, The Netherlands ~GMT+1
PostPosted: Wed Nov 16, 2005 11:07 am
Post subject: Re: Maximum Security: 94 Essential Tips for Staying Safe

Cool

Great stuff bushy !!

Thankx for the pointers, I've pasted into a word document and will print it out for beter readability Wink


fled
Back to top
View user's profile ICQ Number MSN Messenger Photo Gallery
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ›  Hardware
Page 1 of 1
All times are GMT - 6 Hours

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.