Steps to Computer Security

jmettie — Sun, 21 Oct 2007 15:57:15 +0000

Well, being involved in the computer security business, I thought I might pass along some of the lessons I have learned over the years in dealing with computer problems, and provide some basic yet extremely important steps you must take to keep your system as close to the original pristine condition you started with.
1. Always make backups!
The one thing that will really upset you is the total loss of all your data due to a complete hard drive failure! You will lose hundreds, if not thousands of pictures, mp3’s, movies and all of all your documents and e-mails. I know the feeling from personal experience, and I certainly have not enjoyed telling a customer that the only recourse is to cry a lot, or a very expensive clean room dead hard drive recovery to DVD. Neglecting the backup of your hard drive files to tape, CD, DVD, or an external hard drive or flash drive is not an option. This will at least recover some, if not all of your files.
The ideal strategy is a frequently updated, exact copy (a drive image) of your hard drive. This will insure the complete restoration of your operating system and all of your files, programs, and user settings. This image would quickly restore your system to a new hard drive exactly the way it operated on the old hard drive and definitely save you a considerable amount of time when recovering from a complete disaster recovery. Several software products are available for imaging a hard drive. I personally use and also provide to my customers, the Acronis products.
2. Install a firewall!
Using a firewall, be it hardware or software, will greatly reduce the risk of being invaded using the various methods that hackers use to gain control of unprotected computers. These methods, such as denial of service, remote login, macros and the like, can severely compromise, or completely destroy your data. If you’re using Windows XP SP2, you already have a firewall available. The only thing you need to do is check to make sure that it is activated using the control panel in Windows XP.
If you prefer to upgrade beyond the standard protection Windows XP firewall provides, then you can review the commercial firewall options that are available such as a hardware firewall from providers like Cisco, or a software based firewall program such as the one provided by Symantec.
3. Install anti-virus software!
You will be hard pressed to avoid infection without the installation and constant updating of a top of the line anti-virus application. Your firewall will help in filtering out many of the threats facing your computer, such as the denial of service attacks and remote access attempts; however, without a doubt, some piece of malware will certainly find a way to infect your computer. Firewalls cannot defend you against the infection of viruses, worms, Trojans and the like, if they are embedded in an email attachment, or you unknowingly download an infected file from an offensive website.
So you must protect your data and use an actively updated, anti-virus program. The firewall will help in protecting your computer from outside attacks. The anti-virus program will effectively scan the files on your hard drive, find any hidden infections already present and eradicate or quarantine them. From then on the program will continuously scan email attachments and file downloads and delete, or at least quarantine the threats before they can infect your computer.
4. Install and run anti-spyware software!
Well, now that you have your firewall and anti-virus program up and running, you still have another, perhaps even worse parasite to address. The prevention and elimination of spyware! It may actually be your anti-spyware program that provides your computer with the most significant increase in security against this strand of malicious software (or malware). Spyware is certainly annoying, and it is capable of crippling your computer beyond repair.
Almost all computers connected to the internet are most likely infected with some form of spyware. Spyware takes many forms; some of the most common are numerous pop-ups and pop-unders. The display of unwanted ads is a primary purpose of “adware,” which is often categorized as a type of spyware. Others will search out your personal information or follow your internet visits for marketing purposes, or really nasty spyware will redirect your browser to other malicious advertising or phishing sites. Some of the most common spyware culprits, such as Browser objects, bots and rootkits and adware, are included in bundled software such as free screen savers. Our advice to our customers is: “If it is pretty and free, don’t do it”.
Fortunately, there is a plethora of software available for the combat of spyware, some of it is actually free! Watch out though, many pretty and free spyware programs are really disguised spyware. Stick with the top proven products, such as Spybot and AdAware.
5. Continuously update your software!
Since there will always be a duel of wits and talent between operating system programmers and the hackers and coders, being too impatient to frequently update and patch your operating system, web browsers and program software is tantamount to driving without a seatbelt. If you use the Microsoft Windows operating system, start by going to Windows Update and running the update wizard. Then select one of the options in automatic updates to download and install the latest updates with little or no effort on your part. While you are at it, you can also go to Office Update and install the latest patches for your Microsoft Office programs. Once your updates are current, automatic updates will now update all installed Microsoft Products.
6. Disable file sharing.
Shared directories and drives can be seen on the internet and are subject to hacking. If you share folders across your network, someone accessing that network can have access to all of your files. This means your personal information, your pictures, your private documents, Web browser cookies and virtually anything else you have on your computer. Not only can they view the information; they can download it to their own hard drive. Another small item you should do is uncheck the box in the Windows folder options settings “hide extensions for known file types”. When you disable this option, the file extensions will then display in Windows explorer. Some file extensions like the system files will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that may warn you that something is amiss.
7. Review your browser settings for optimum security.
At a minimum set your security setting for the “Internet zone” to High, and your “trusted sites zone” to Medium Low.
As you connect to the internet using an internet browser, be it Microsoft Internet Explorer, Mozilla’s Firefox, Netscape or any of several others. This is where hackers will stage their entrance into your computer by capitalizing on flaws in browsers to download malware without you even knowing that something was downloaded and installed. In light of this real danger, web browser security upgrades from your vendor are an important step in your PC’s security.
8. Use Strong Passwords.
Many people set themselves up to get hacked when they choose passwords that are common or simple or never changed. Use strong passwords of six, or even eight or more characters mixing lower and uppercase letters and numbers. Do not use common names in your password; make up a word so as to keep hackers from guessing your password.
Do not use the same password everywhere. It is our nature to stick with a particular username and password, and to use it over and over. Hackers will know this, they often target less secured sites like membership sites in order to collect usernames and passwords, with the knowledge that most likely, that is the same username and password you would be using at a more secured (and more valuable) site such as your online bank.
If you are using many secure sites then the ideal solution is to use a program that generates and encrypts passwords for each site you use and stores them in a database for your use when you arrive at the site. There are a many programs to choose from such as KeePass, Password Manager and RoboForm.
9. Wireless Networking Security.
With the recent surge of wireless networks and the increased number hot spots everywhere, the focus of internet hackers has shifted to a new weak spot in computer security, The Wi-Fi connection. If you were to drive around the city with your Wi-Fi enabled laptop in tow (wardriving), letting it search for wireless connections, you will be amazed to learn that many people do not secure their wireless networks. Maybe they do not know how, or, are they really choosing not to? While these unsecured connections might just be an individual who hasn’t taken the time to protect his network, they might also be “honeypots”, which is a networked computer system purposely setup to snag your personal details.
A. Protect your wireless network.
It is your business to protect your own wireless network; you must protect yourself from drive-by hackers and other unwanted interlopers into your Wi-Fi network. There are several options you can set to make your wireless network and computer a little safer. When you select encryption in your router or access point for your Wi-Fi network, at least use the WEP option, an encryption standard built into most of the older wireless devices. Most of the newer wireless devices include both the WEP (wired equivalent privacy) and WPA (Wi-Fi protected access) encryption standards that you can activate. If you can, upgrade your wireless network devices to the newer and much stronger WPA or WPA2 encryption standard. So if the WPA or WPA2 encryption is available you should use it as it is more secure. However, even WEP is better than nothing at all, and it can keep the casual snoopers and novice hackers from accessing your wireless network.

Many hackers or these so called wardrivers, will simply drive around neighborhoods looking for Wi-Fi networks with the “default” name in place in order to identify who has not taken even the basic WEP steps to protect their wireless network. Avoid this obvious signal to hackers by taking one minute to change your Wi-Fi network’s name. Even better, hiding your SSID broadcast and implementing MAC address filtering can dramatically limit outside access to your Wi-Fi network. Remember that a hacker will almost always take the path of least resistance, so by using even the basic steps, hackers will move on and look for easier targets.
B. Do not use unknown Wi-Fi connections!
As I mentioned, hackers will setup unprotected Wi-Fi connections in convenient locations such as an apartment complex, shopping centers, and airports.
When you are using “public” Wi-Fi hotspots, make sure you know how to encrypt the data that your computer sends out. Never sign into your financial accounts (banking, Paypal, etc) while connected to a public network. In fact, try to type in as little private information as possible when accessing the internet via any unsecured Wi-Fi connection.
Summary
Today, the computer has become a required household appliance as more and more people are using their computers for day to day tasks such as information searches, e-mail and chat communication, online banking, investing, vacation planning and especially shopping.
The more we do these things on a regular basis, the more we open ourselves up to potential hackers, attackers and crackers. While some may be attempting to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets.
With many thousands of known computer viruses out there on the internet, and hundreds of thousands of spam emails sent out 24 hours a day, the chances of your computer contracting any malware at all, such as a virus, backdoor worm, or a piece of malicious spyware is inevitable. And when your computer becomes infected, computer tasks will be nearly impossible to perform, as the malware will affect your computer’s speed drastically. Because of the ever increasing threat of malware, the only real long-term solution is preventing it from infecting your computer in the first place.

BloggerTek

Steps to Computer Security