Safety
at Home
Block
Hackers and Viruses
With everybody switching over to High-Speed Cable and DSL, connecting your PC to the Internet without using a firewall and antivirus software is like leaving your front door unlocked when you go on vacation--if you're lucky you'll come home to find that all is well, but it's still risky.
Install a firewall
on every computer
Even if you have a hardware firewall between your PC or network and the Internet,
you should still install a software firewall. Although a hardware firewall
can be set to block or allow all packets passing in and out through port 500,
for example, it doesn't know which application initiated the communication
on your system. A software firewall routinely queries you to confirm whether
it should let an application communicate over a given port, so you can tell
it that AOL’s AIM.exe is allowed to use the port but GATOR.exe isn't.
To see a detailed list of ports that you could be using, go to the site Chebucto.
Use a bidirectional
firewall
The firewall in Windows XP is better than nothing, but not much better. Free
firewalls such as Zone Labs' ZoneAlarm
3 and Sygate's Personal
Firewall 5 monitor and control both inbound and outbound network traffic,
allowing them to block connections initiated on your PC by the infamous GATOR.exe
or any other real-life backdoor program.
Don't skip the antivirus
If you're not using antivirus software right now, stop what you're doing,
go get some, and then continue reading after you've installed it. If you use
Windows, not using antivirus software is simply irresponsible because of the
high volume of viruses that target any version of this OS. Even if you think
you know how to avoid viruses, you may eventually get nailed by one that employs
a new and unexpected technique. If you get infected, chances are you'll infect
the family members, friends, colleagues, and others who are in your address
book, too.
If you don't want to shell out for a top commercial package like Network Associates’ McAfee VirusScan or Symantec's Norton AntiVirus, at least visit Trend Micro and use their free online scanning or download Grisoft's free AVG 6 Anti-Virus System. AVG isn't great at catching the latest known in-the-wild viruses, but the price is right. Check out Virus Bulletin for more information. Because of this shortcoming, using AVG could be just as bad as having no antivirus protection if you blindly launch every e-mail attachment that slithers into your in-box. However, if you have other prevention methods in your tool bag (such as a script-resistant e-mail program like Outlook/Outlook Express and a healthy distrust of e-mail attachments), it will at least prevent you from being nailed by those viruses that perennially come around. Remember, LSUHSC-S has a site license for McAfee, so there is no excuse for your LSUHSC equipment to be unprotected.
Update Everything,
and Often
One of the easiest ways to prevent e-mail viruses from exploiting flaws in
your programs and hardware is to download and install the regular updates
(sometimes called software patches) that vendors provide. Microsoft's
Windows Update site is a great source for fixes to that company's software.
Set the Controls for
Security
Once you've
updated your software with the latest patches and bug fixes, check the applications'
security settings. The programs you use every day often offer little-known
features that can block viruses, stamp out cookies, and keep snoops off your
computer or network.
Block it in the browser
You can download and install a zillion different utilities that corral your
cookies and prevent Web sites from doing things on your computer that they
shouldn't. But your browser also gives you lots of control over Web content.
In Internet Explorer, choose Tools, Internet Options and click the Privacy tab. To reject or accept an individual site's cookies, click the Edit button, enter the site's address, and then click either Block or Allow. When you're done entering site addresses and settings, click OK to close the dialog box. To block third-party cookies (which are usually related to advertising or marketing), click the Privacy tab's Advanced button, check Override automatic cookie handling, select Block under 'Third-party Cookies', and click OK twice. To view and delete stored cookies, select Tools, Internet Options, then click the General tab, the Settings button, and the View Files button. In the resulting window, right-click a cookie and choose Delete. To remove all cookies stored by IE, select Tools, Internet Options, then click the General tab and the Delete Cookies button.
If you use Netscape 7, choose Edit, Preferences, double-click Privacy & Security to open its subcategories, and select Cookies. To block all third-party cookies, look in the right pane and click Enable cookies for the originating web site only. To view and delete cookies, click the Manage Stored Cookies button, select a cookie in the list, and click the Remove Cookie button. Choose Remove All Cookies to wipe the entire cookie sheet clean. If you want to banish an individual site's cookies in perpetuity, check Don't allow removed cookies to be reaccepted later, and then delete the cookie. (Note that the site-by-site cookie controls that you would expect to find when you click the Cookie Sites tab in Netscape 7 appear to be under construction.)
Derail e-mail threats
If you prevent your e-mail program from executing scripts and attachments
in the messages you receive and keep your program updated to repair newly
discovered security flaws, chances are good you'll keep viruses and Trojan
horse programs off your PC. The latest versions of Outlook and Outlook Express
wisely block all scripts and dangerous attachments by default, by placing
any incoming HTML mail in the restricted security zone (to see your security
settings in either program, choose Tools, Options and click the Security
tab).
I would suggest that everybody disable their e-mail program's message preview pane to doubly ensure that viral mail remains inert. To disable Outlook Express's preview pane, choose View, Layout and uncheck Show preview pane. In Outlook, click View and deselect Preview Pane. To hide the preview pane in the Mail & Newsgroups program in Netscape 7, choose View, Show/Hide, Message Pane.
If you need a way to peek into messages with attachments to see what kinds of scripts or files they contain try these steps. To do that in Outlook/Outlook Express without opening the e-mail, right-click the message, choose Properties, click the Details tab, and then click the Message Source button. Now you'll see the exact text of the entire missive, including the names and encoded content of any binary attachments. Maximize the window to make it easier to read. To safely view files attached to a message in Outlook, right-click the e-mail and choose View Attachments. To view a message's plain-text contents (to see the names of attached files) in Netscape, select the e-mail, and then choose View, Message Source.
Use MAC filtering on
your wireless LAN
If you have a wireless home network, you may want to use multiple security
features for maximum protection. Each
network adapter on a LAN--wired or wireless--has a unique physical address
that operates at a lower level than its IP address in the hierarchy of network
protocols. Many routers, including wireless ones, let you restrict wireless
network access to a limited set of hexadecimal MAC addresses. You'll need
to get out the router or access point's manual to set it up, and then drill
down into the network card properties for each connected computer to find
and jot down its MAC or physical address. Like IP addresses, MAC addresses
are easy to spoof, or falsify. And because it doesn't encrypt traffic,
MAC filtering alone won't make your network secure. But it's one more roadblock
that could send a hacker elsewhere in search of an easier network to crack.