Thursday, March 28, 2024

Computer Security for the Novice

Computer technology has changed quite a bit over the past 20 years. People who
would normally never touch a computer now utilize such a device almost every day
to get their work done. They use email and surf the web regularly. These folks all need to take computer security seriously.

Recently, I’ve been watching users and how they interact
with their computers, and I’ve been asking them questions about their computer
usage. I asked them about their knowledge of the subject in general, and
specifically I asked them about security. Very few of them really knew much
about computing in general and practically none of them knew anything about
security. 20 years ago this may not have been as much of a problem, but in
today’s world of online banking and identity theft, this can be a huge problem.

After talking with them a bit more, I learned that they have no idea what risks
there are on the internet. A few even said they weren’t going to worry because
"they have nothing of value." This is a very dangerous idea to have. Everyone
has something of value to someone, even if you aren’t a big huge company. You
still have a Social Security Number which can be used by someone to steal your
identity, get credit cards and loans in your name–and you’d be stuck with the
bill.

Still think you have nothing to worry about?

Someone could break in to your PC so they could use your computer for storage,
or even they could even use your machine to attack high-end targets including
government agencies. That’s correct–someone could in fact break into your
machine and use it to attack the FBI or the CIA, and you would be the one
arrested until you could prove yourself innocent, or worse–they could erase any
trace of them having been in your machine. That means the CIA or FBI has logs
showing your computer hacking into their systems, and you’d have no way to prove
that you are innocent.

How does all of this happen? For starters, the internet isn’t like it was years
ago. It used to be that to get an email virus you had to actually open the
attachment. Not anymore–now by simply viewing the email in Outlook Express, (or
in Outlook), a virus can infect your machine! To make matters worse, this is the
default behavior for both Outlook Express and Outlook.

You’ve probably seen this happen before…you’re reading your email in Outlook
or Outlook Express, and when you click on the email, you read the entire message
in the bottom half of the application. This is the default behavior as pointed
out earlier, and just viewing it in this manner is enough for a virus to spread
on your system. In the past you had to actually download and open an attachment
for something like this to happen.

Outlook Express is the Email Client that comes with Windows, and Outlook is the
one that ships with Microsoft Office. Both of them by default tend to allow
virus replication with ease. One of the reasons this happens is because of
usability. It seems the easier something is to use, the easier it is for a virus
or security problem to come in.

What can you do to defend yourself without spending a lot of money and having to
read a lot of books?


You don’t have to be rich or own countless books on computers to defend
yourself. However, you do need a little common sense, and maybe a willingness to
learn a few new tricks.

The first step towards security is obviously being cautious in what you open in
your email program. If you open everything that gets sent to you, you’re going
to eventually get stung. Even Instant Message Clients like AIM and MSN Messenger
can be a security risk. That’s why you’re not supposed to use them while you’re
at work. Well, that and the fact you’re supposed to be getting work done there.

If you want a little more information on Instant Messenger Worms you should read
this article:
http://www.enterpriseitplanet.com/security/news/article.php/3567791  Worms aren’t just for email anymore, they
have spread to IM clients, and now, even cell phones have worms and viruses.

Boost Mobile phones had a virus about a year ago where the virus would call your
phone and the caller ID on the phone would show up as "ACE". If you answered the
phone, it would infect your phone, call other phones, and from what the people
at American Wireless have said, you would need to buy a new phone.

Sadly, this isn’t all; just visiting some web sites can infect your computer
with viruses, trojans and spyware. Some spyware "watches" what you do online and
then sends the information it collects about you off to another computer on the
internet. Scary isn’t it? To think someone is watching your every move, and then
selling that data to another party on the internet–it’s enough to really creep
you out.

This isn’t a rare occurrence either. Once you put your computer online, you have
around one minute before something attempts to infect it. If you have a computer
online and take no precautions, more than likely your computer is infested with
viruses and spyware, and you may not even be aware of it.

If this sort of thing bothers you, and it should, then do something about it.
There are a couple of really nice applications for finding spyware, and best of
all, you can find them on the internet for free! The company that makes Ad-Aware
has a version for home users that you can use free of charge, and just about
everyone with a Windows PC should have this application. You can find this
wonderful application here:
http://www.lavasoftusa.com/software/adaware

When you visit this web page you’ll see a Red button that says “Download Now”
and all you have to do is click on that, and it takes you to a download.com
server to download the application. Then you simply click on the green button
where it says “Download Now” and the application begins downloading to your
computer. When you see it has finished, you double click on the application, and
it begins the installation of Ad-Aware on your computer. When it finishes, just
follow along with the on-screen instructions and you can download updates to the
database of known problems it keeps, and then scan your computer. Don’t worry if
it finds a lot of things–there are a lot of web sites that put “tracking
cookies” on your computer, and Ad-Aware finds them and can delete them for you
if you desire.

Another free application that you can use to help fight spyware on your computer
is called “Spybot Search and Destroy”. The download is free and so is the update
process. Finding the application can be somewhat of a pain though, so I’ve
tracked down a direct link:

http://projects.securitywonks.net/projects/download.php?go=2&file=2&mirror=2

When you click on that link a little pop up asks what you want to do. You should
download the application just like you did with Ad-Aware and then install it.
When this has finished, update it, and then let it scan your machine. Running
this alongside Ad-Aware can help to protect your machine even more! That said,
you shouldn’t let this give you a false sense of security, as no application is
100% secure, no matter how much it costs you (or doesn’t cost you in this case).
Keep that in mind, as a lot of companies will try to make you think that all you
need to do is buy their product and never worry again. This is just bad
marketing hype and nothing more.

Once you have the spyware applications installed, you can now move on to another
potential problem–viruses. You’ve probably heard about viruses in the news and
on TV, but what can you do to help protect yourself against another threat? Just
as we found free applications to help protect you against spyware, virus
scanners can also be found for free!

The following links are to anti-virus scanners you can download for free:

http://housecall.trendmicro.com

http://www.grisoft.com/doc/1

http://clamwin.com

If you prefer to pay for an application so you have support available from the
software vendor, I can recommend the following commercial anti-virus products:

eTrust EZ anti virus (
http://www.ca.com
)
McAfee anti virus (
http://www.mcafee.com
)
Norton Anti Virus (
http://www.symantec.com
)

I’ve used all of these with good results. Another thing you may want to think
about is buying the software packages that come with complete desktop
solutions–these typically include the anti virus scanner, a personal firewall,
and some type of spyware scanner all in one. As I’ve said before this shouldn’t
give you a false sense of security, so don’t stop taking precautions just
because you have an extra layer protecting you. This is one of the first
mistakes a user can make–new viruses are made each day, so you have to stay
vigilant to keep up.

What else is left now that you have a virus scanner and an application to help
keep track of the spyware that can affect your machine? A firewall of course! A
firewall is a device or a program that helps stop other users from getting into your
computer. Every user should know at least something about firewalls, as they can
be the extra layer of security that protects you while you’re online. If you
were infected with a trojan horse program, there is a chance that it can let
someone take complete control of your PC as though they were sitting at their
keyboard! These programs work by opening up a port on your computer and then
allowing anyone with the client to connect to it and gain control of your
computer.

Imagine you were doing some home banking over the internet and someone was
watching the whole time. To make matters worse, some of these applications have
a mechanism that’s built into them that lets the thief delete the server portion
of the trojan, which means that you would never even know that it was there.

One way to help stop this from occurring is by using the anti-virus software that
I mentioned earlier…most of them can now find and delete trojan programs for
you. When you use firewall software, it asks you if you want to allow a program
to access the internet in the first place. This will stop such trojan programs
from talking to whomever controlled them. Another thing these firewalls can do
is prevent inbound traffic to your machine. The trojan programs have both
inbound and outbound traffic to and from your PC as commands are sent to your
PC. Worms that spread over the internet use outbound traffic to scan and send
themselves out to other hosts. This is only one of the many features a firewall
provides to you, and I highly recommend using one.

If you have Windows XP, you should have installed Service Pack 2, which fixed a
number of security flaws, but also put something called the “security center” on
your machine. This helpful new application checks to see what it can do to
protect you, and the new XP firewall that comes bundled is turned on by default!

To start this up, click on the start menu, and move your mouse to “All Programs”
and then when the scroll menu opens up, go to “accessories” and then move your
mouse to “system tools.” Inside that menu you’ll see “Security Center”. After
you click on that, you’ll see the application start up and show you a few things
about your PC.

The firewall should say “on” as should be “Automatic Updates” and “virus
protection”. The interface is great for new users, and all you have to do is
click on the “on” button to turn things on. As I have pointed out, do not let
this give you a false sense of security. Even the firewall, which is on by
default, isn’t the best firewall in the world, so if you can, take my
recommendation and buy one, or if you can’t afford it, try out some freebies:

http://www.checkpoint.com

http://www.sygate.com


http://www.symantec.com/home_homeoffice/products/internet_security/npf2006


http://www.zonelabs.com/store/content/home.jsp

All of those may not be free but they are fairly decent
products. If you’d like to learn more about firewalls in general, you can visit
these links and do some research on your own by typing “firewalls” into a
google.com search, and reading up on the subject.

HTMLGoodies Guide to Firewalls

HTMLGoodies Firewall Basics


http://www.howstuffworks.com/firewall.htm


http://www.firewallguide.com


http://www.webopedia.com/TERM/f/firewall.html

I encourage you to read up on this subject more so you can learn
which firewall best suites your needs as a user.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Popular Articles

Featured