Computer Security

Securing Your Computer System
Today, more and more people are using their computers for everything from communication to online banking and investing to shopping. As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets. Below are a few easy, cost-effective steps you can take to make your computer more secure. 1. Always make backups of important information and store in a safe place separate from your computer. 2. Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs. 3. Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs. 4. Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low. 5. Install antivirus software and set for automatic updates so that you receive the most current versions. 6. Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address. 7. Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer. 8. Disable hidden filename extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong. 9. Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off. 10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.
----------------------------------------------------------------
What Is Adware and What Can You Do to Prevent It from Affecting Your System?
Privacy: how important is it to you? Would you feel comfortable knowing that someone could keep track of the web sites that you visit? While Spyware is talked about, you may be less familiar with a similar type of programming: Adware. Adware is used as a supplemental program in some cases. Adware can be used as a part of an internet program and used as a way of letting you use a service without paying for it: rather than using a program with limited features and rather than paying the full cost of the program, you can choose an ad-supported version. The adware used will track the sites you visit and ads that are related to your interests will be shown to you during your session. Of course, that is an example of your consent to having adware installed on your system. Another possibility is that you install software and don't fully read the part of the user agreement that suggested that third-party software was included to see how the software was used on your computer. This third-party software is typically adware. With it, the person who wrote the software can collect money from advertisers who will be able to know which users might be interested in their products. For many people. However, adware quickly becomes an annoyance. In addition to feeling uncomfortable that they are being watched – associating the feeling with being spied on and the adware with spyware – they just want to be able to go about using a program or surfing the internet without a steady stream of advertising or even advertising pop-up windows slowing them down. As a result, they start looking for ways of removing adware from their computer. Removing adware from your computer can be done by installing ad-blocking software. Removing adware, in many cases, can also be done with the installation of anti-spyware programs. But why settle for removing adware when you can make efforts to keep it from getting on your computer to begin with? Rather than dealing with adware and having to find ways of removing adware from your system, consider doing the following: · Read the licensing agreements that come with software programs that you are thinking about installing. If a mention is made of third-party software that will track the way you use the program or the software is listed as ad-supported, do not agree to the terms of service and choose an alternate program. In many cases, the user agreement or licensing agreement are available to you before you download and install the software; · Choose the free but feature limited software or pay for the program rather than using the advertising supported version to avoid installing adware on your system; · If you think that you are getting adware or spyware on your system and you have been using Internet Explorer as your web browser, consider making the switch to another browser that contains ad-blocks; · Make sure that the security patches for your computer's operating system as well as your anti-spyware and firewalls are up to date. In other words, the best means of removing adware from your computer is to not install it in the first place. You will be able to surf the internet with more privacy and therefore with more security. And that will keep you and your computer more safe.
----------------------------------------------------------------
What Is Spyware?
Spyware is exactly what the name suggests. It’s software to spy with. Or more accurately: software to spy on you with. Spyware is used to discover your online activities and send information back to someone else.One of the better known types of spyware propagates a pop up advert, or adverts, that you can’t get rid of. A more serious version is a browser hijack when your homepage is changed and you can’t change it back.But these are the lesser threats. There’s much worse spyware and malware (malicious software) on the internet. You expose yourself to it every time you go online. It’s always there. Even if you take as many precautions as you can its still there, you can’t stop it.But you can prevent it from becoming a problem. By doing the right things with the right kinds of software you can easily and effortlessly eradicate the threat that spyware and malware poses to your online security.But you have to know how. How Much Spyware’s On Your Computer? will give you exactly that. The ability and know how to prevent any serious infections on your computer and make your online activities more secure.Follow this link to find out how: http://www.intrepreuner.ws/
--------------------------------------------------------------------
Viruses and it's effects on computers
A virus is a program that spreads by inserting copies of itself into other executable code or documents . Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of the virus into a program is termed infection, and the infected file (or executable code that is not part of a file) is called a host. The damage that a virus can do can range from overwriting information in the hard disk to scramble numbers in your spreadsheet. A virus will multiply itself and take memory space, slow your internet connection , slow the computer itself and diminish her performance. While some viruses appear to be harmless they should be eradicated from the system anyway as they can cause multiple errors on the computer just by being present. Other viruses will only activate after a certain condition is met causing severe damage. Viruses can enter your computer in any of the following ways: email attachments, www sites, by downloading files from the internet, using other people’s diskettes, using pirate software and sharing files across the net. The most common points of entrance for a virus are email, floppy disks, internet connection. Another thing is the faster your connection is the most vulnerable you are to virus attacks on the net. There thousands of viruses across the net some of them infect certain operative systems more than others. The most common type of viruses are :boot viruses, file viruses, macro viruses. The best defense against viruses consists in : always keep a backup of the important data, always scan floppies and files you obtain from another party using an antivirus program, always keep a bootable floppy disk with antivirus software up to date. To recover from a virus attack : boot your pc from a virus-free, write protected, bootable floppy disk, b)run antivirus software from a bootable disk or recovery disk. c)reboot and run virus scan to make sure the threat is gone. You must remember to always keep your antivirus updated as new viruses emerge basically everyday.
------------------------------------------------------------------
Top Tips To Secure Your Online PC
Most of us use a PC these days, but how many of us are really serious about securing it ? Well, not most of us! They just need to get their job done sitting on the PC and hence look no further. But they do find themselves in great trouble when the PC crashes, files are corrupted, login information are stolen or attacked by viruses and malwares. Now, we know that "prevention is better than cure" and "self help is the best help". So according to the lines of these famous proverbs, I will try to highlight some tips through which a newbie user would be able to secure his PC. This article even applies to advanced and experienced users alike. So read on and help yourself to ward off your PC security woes. 1. Use an Antivirus In the era of high-speed internet and portable media, you just cannot afford to compromise your PC and valuable data. So, Antivirus software is a must for each and every PC user. The Antivirus stays active in the system memory and monitors your file transfers, network/internet connections, and programs for suspicious activities and keeps away harmful computer viruses, worms and trojans from playing devil on your PC. It can even clean, heal or quarantine affected files already on your PC and keeps your data safe. There are many AntiVirus Packages available, out of which many are free to use. Some of the free packages are:
a. AVG Free Edition: http://www.free.grisoft.com/
b. Avast! Home Edition: http://www.avast.com/
c. Antivir Personal Edition: http://www.free-av.com/

2. Use a Firewall To protect your PC with network/internet connection from the prying eyes of hackers and abusers, it's a necessity to install a Firewall software. A firewall is simply a piece of software that sits between your PC and the outside world (network/www) and allows certain programs/data to pass through it, thus filtering the traffic based on configured rules. Like Antivirus softwares, the list of firewall softwares is also long...and there are a number of free options available. Some of the free packages are:
a. ZoneAlarm Free : http://www.zonelabs.com/
b. Kerio Personal : http://www.kerio.com/
c. Outpost Free : http://www.agnitum.com/
d. Sygate Personal : http://www.sygate.com/

3. Use an AntiSpyware/Adware Every passing day gives birth to a score of new malware, which is any sort of program written solely to get itself installed on the victim's PC without his knowledge, monitor his activities/logins and send them to a hacker for identity theft. Similarly there are adwares which deliver unwanted advertisements and spoofs/redirects browser addresses. Thus, you never know that the form which you have filled 10 minutes ago is not from the original site ! To protect your PC against these nasty pests, you need an Anti-Spyware/Adware package. Some of the free packages are:
a. Spybot S&D : http://www.safer-networking.org/
b. Ad-aware : http://www.lavasoft.com/
c. Windows Defender : http://www.microsoft.com/athome/security/spyware/software/default.mspx

4. Backup Often It is really important to backup your valuable data often so that you can get a copy at hand when there is a system crash, virus attack or hacking. Just keep only the important files and folders as backup and not your whole disk! A habit of backing up never upsets you in the long run. It is a good idea to backup your data on a different hard-disk or removable, cheap media like CD, DVD, and Pen-drives to name a few. There are many free and paid softwares to choose from.

5. Follow Some Good Habits
a. Do not ever give out your password/login information to anyone.
b. Don't give out your credit card number or any online banking login to anyone.
c. Use a strong password which is difficult to guess; containing alphabets, numbers and special characters.
d. Password protect or encrypt confidential, valuable information to avoid being abused by someone.
e. Always set a password for your Operating System/BIOS logon.
f. Don't open suspicious email attachments or knowingly send someone an infected file.
g. Do not mount a known virus affected media to a PC without Antivirus protection.
h. Don't reply to emails asking for confidential login information even if they seem to come from the company or website. It might be a phishing attempt.
i. Do not reply to spam messages or scam emails like "You have won $10million lottery sum!". If you reply to spam emails, the spammers become aware of your activity and spam you even more. Just ignore them and keep the spam filter on.
j. Don't post your email id all over the internet (e.g.-forums)...spam bots might be harvesting them. Use myid[at]provider.com format. To conclude, I would like to say that the steps that have been outlined above are not too difficult or time consuming to follow. You would certainly benefit by using those precautions and measures to secure your computer. Remember, if you secure your own PC, you not only help yourself, but many other users too.
--------------------------------------------------------------
Network Security – The Real Vulnerabilities
Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked. You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors? Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared in dealing with attacks by these people?Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised. This problem exists particularly in an environment where a help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out.Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far away, is to designate one contact in the office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are. Why would an attacker go to your office or make a phone call to the help desk? Simple, it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you, and do not recognize them, stop and ask who they are and what they are there for. If you do this, and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there then he will most likely be able to produce the name of the person he is there to see. I know you are saying that I am crazy, right? Well think of Kevin Mitnick. He is one of the most decorated hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him Google his name or read the two books he has written. It’s beyond me why people try and dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that they could be breached so easily. Or is it the fact that people don’t feel they should be responsible for educating their employees? Most organizations don’t give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. None the less, if you can educate your employees the slightest bit; you may be able to prevent a network breach from a physical or social engineering attack.