P r o t e c t i n g Y o u r C o m p u t e r
|
Computers may seem sophisticated and advanced,
but Windows based PCs need quite a lot of care and feeding to keep them safely
functioning and to avoid a host of threats.
Virus are the most obvious threat and the class
covers updating anti-virus programs, configuring them for maximum protection,
free anti-virus programs and, perhaps most importantly, an awareness of the
limitations of any anti-virus program.
Email, the most widely used Internet
application, suffers from phishing scams (identity theft), SPAM (unsolicited
commercial email) and is the most widely used avenue for the spread of viruses.
The class covers defensive email, how to protect yourself from all three
problems.
Worms are a type of computer virus that don't
need email to spread, they can infect a computer connected to a network (such as
the Internet) all by themselves and do it silently. Firewall programs are needed
to defend from worms and other potential intrusions into your computer. The
class covers the concepts and details of both inbound and outbound protection
with a firewall program.
Software
bugs (mistakes) also account for many computer problems. The class reviews the
issues involved in applying bug fixes (patches) and students are shown how to
use Windows Update and Office Update.
Newer types of malicious software (malware)
often take advantage of mistakes made with the topics mentioned so far. It is
very easy for a Windows PC to get infected with Spyware, Adware, Trojan Horse
programs, etc. typically without your knowledge. Spyware programs run silently in the
background and send reports on your computer activities to
an agency that collects data and sells it. The class covers Spyware and Adware
and the software used to combat it.
Any computer near a teenager is likely used for
Instant Messaging. These programs have their own potential problems, a checklist
for securing IM software is offered in the class.
These are practical things we all can do to avoid letting
hackers
take control of our computers and our lives. Using e-mail and the web has become an essential part of our lives.
Losing either is more than an inconvenience; it disrupts our contact with others, our studies, our business, and
our safety.
There is a 60 page handout, given to each student so they can learn by
listening without having to take notes. The class only covers
Windows, not the Mac or Linux.
Schedule: This three hour class is not
currently scheduled but will be offered in the Fall.
| |
- WHY DO WE NEED TO PROTECT A PC?
- INTRODUCTION to PROTECTING YOUR COMPUTER
__ Links Below
- What Not To Do
- File Sharing Software (Peer-to-peer)
- Installing software
- DEFENSIVE EMAIL __________________________ Links Below
- Phishing
- Getting Up To Speed on Email
- Avoiding Email Viruses
- Outlook and Outlook Express
- SPAM
- Avoiding SPAM in the First Place
- Dealing With SPAM Messages
- SPAM Software Suggestions
- BUG FIXES and PATCHES _____________________ Links Below
- Instances of bad patches
- What is a Service Pack?
- Using Windows Update Manually
- Automatic Windows Update
- Problems with Windows Update
- Office Update
- FIREWALLS _______________________________
Links Below
- Configure Your Firewall
- Testing Your Firewall
- VIRUSES ________________________________
Links Below
- Anti-Virus Configuration Options
- Living With an Anti-Virus program
- Overview of Some Anti-Virus Programs
- Online Virus Scans
- SPYWARE AND ADWARE _____________________
Links Below
- Fighting Spyware and Adware
- Ad-aware
- Spybot Search-and-Destroy
- WINDOWS SECURITY _______________________
Links Below
- INSTANT MESSAGING _______________________
Links Below
- PROTECTING the HARDWARE
- Surge Protectors
- Uninterruptible Power Supplies
|
|
On August 23, 2003 the New York Times had a front page article and an
editorial referring to two computer viruses and the problem in general. The editorial
said we all share
the responsibility for making computing safer: Microsoft by improving the code, Internet Service Providers for not stressing
security enough, and users for being sloppy about protecting ourselves. Well, you can avoid all this by never going online, never using e-mail, never
using a credit card. If you don’t leave your apartment you can also avoid the risk of being hit
by a car while crossing the street. The class will cover reasonable,
inexpensive things we can all do to make ourselves secure online.
-
Who says safe computing must remain a pipe dream?
December 9, 2004, by Bruce Schneier
-
Lock attackers out of your PC
By Brian Livingston June 3, 2004. An excellent, long and very thorough article
-
PC Users Deserve A
Free, Simple Service To Handle All Threats by Walter Mossberg in the Wall
Street Journal. March 11, 2004. About the current sorry state of affairs
regarding protecting your computer.
- Broken Windows: Will Your PC Ever Be Secure?
PC World February 26, 2004. It seems a week doesn't go by without some malcontent writing a worm that attacks holes
in Microsoft products. What can you do to protect yourself?
- A Home User's Security Checklist for Windows
By Scott Granneman February 13, 2004 on securityfocus.com
- Where
Do We Go from Here? by Dan Gillmor August 31, 2003. About the sorry state
of computing: viruses, spam, ISPs, Microsoft and more.
- Internet Explorer 6 Security and Privacy Essentials
From Microsoft March 26, 2003
- Security Begins at Home
Stephen Manes in the September 15, 2003 issue of Forbes magazine.
- Protect Your PC! by Ed Bott. September 1, 2003.
- Cybersecurity and You: Five Tips
Every Consumer Should Know from The Washington Post May 16, 2003
- The Microsoft web site has two portal pages on security. One is for home
users, the other, from
Technet, is for techies.
- I maintain a links page from my Defensive
Computing class (over 80K) with links to articles on applying bug fixes, firewalls,
security and privacy, Spyware and much more.
- For Tabbed Browsing And Other New Tricks,
Try Explorer's Rivals by Walter Mossberg in the Wall Street Journal. January 8, 2004.
About NetCaptor and Safari.
- Tightening The Security Screws In Windows
By Larry Seltzer August 21, 2003
- The PC magazine Security Watch page
has reviews of firewalls, AntiVirus utilities and news relating to
security
- SpinRite 6.0 for testing,
diagnosing and fixing your hard disk
- Protect your PC from Microsoft:
For End Users www.microsoft.com/protect
For IT Professionals www.microsoft.com/technet/security/tips/pcprotec.asp
- Increase Your Browsing and E-Mail Safety
4 Steps to Help Ward Off Hackers and Attackers from Microsoft June 11, 2004
- An example of
the Gator Adware program being installed as an ActiveX program
- An example of a pop-up ad designed to
trick you into clicking on it
- Heart
of Darkness, on a Desktop About programs running on people's computers
that they did not know were there. Spyware, Adware and viruses. The New York
Times By Katie Hafner September 4, 2003
-
Escape the
Spyware Nightmare How to get rid of Spyware and Adware. PC Magazine July
23, 2003
- Pestscan offers free online Spyware
detection. So too does Doxdesk (alternate
link at Aumha.org). Pestscan was disappointing the one time I tried it. It
downloaded multiple ActiveX controls all of which were signed incorrectly. It
found one "pest" but the link for more information failed.
- Ad-aware v6 from Lavasoft
is a free Spyware detection program
- Spybot - Search & Destroy
by PepiMK Software is also a free Spyware detection program
- For more links regarding Spyware, see the links page from my Defensive
Computing class
- Order the
free Windows Security Update CD with bug fixes released through February
2004.
The CD is for Windows XP, Me, 2000 and 98.
- Microsoft
Readies Security Update CDs IDG News Service February 19, 2004.
- Security firm: IE patch does not work CNET News.com September 8, 2003.
The long, winding story of a single bug fix. An excellent illustration of why
there is no good way to be protected from bug fixes.
- Patch and Pray
It's the dirtiest little secret in the software industry: Patching no longer works. And there's nothing you can do about it.
August 2003 issue of CSO magazine. By Scott Berinato
- MS03-032 / 822925 patch doesn't work
By Brian Livingston September 18, 2003. A bug fix with bugs.
- Oliver Lavery on MS03-038
from Woody's Office Watch. September 17, 2003. The person who found a serious
bug in Internet Explorer reported it to Microsoft and kept quiet about it. It
took them months to issue a fix and the fix they eventually issued did not
completely work. Microsoft later admitted the fix did not completely work and
told the world how to exploit the problem well before they had a real fix
ready. Adding insult to injury, the person who found the problem admitted to
doing only common ordinary testing. He called it a very common mistake,
Microsoft keeps making the same type of mistake repeatedly.
- You can sign
up to have Microsoft send you an email message for each security alert.
They have a service for techies and for non-techies. You can also browse the latest
security bugs in Windows. Note, this not a full list of Windows bugs, just
the security related ones.
- Get your bug fixes at the Office
Update web site and the Windows
Update web site.
- For more links regarding bug fixes, see the links page from my Defensive
Computing class
Windows Update
Web sites that test your firewall, for free
- ShieldsUP! by Steve
Gibson of GRC
- Internet-Security Site
by Symantec includes a security scan to see if your computer is safe from
online threats
- Security Scan from Sygate
offers many types of scans
- Secure Me from DSL
Reports offers two types of scans
- For more links regarding firewalls, see the links page from my Defensive
Computing class
Free online virus scans
Examples of bad email messages
More links on this subject are on the Links page I
maintain for my Defensive Computing class.
You can download the free version of MailWasher
or buy MailWasher Pro.
For a screen shot of MailWasher in action, click the picture at the right. (Note, if
you are using IE6, expand the picture to regular size).
See a video
about MailWasher from CNet (only for broadband users).
A radio
interview with Nick Bolton, the man behind MailWasher. Geeks on the
Radio. April 1, 2003. |
|
Suggested configuration options for MailWasher:
- Turn OFF: check the origin of email again DNS spam blacklist servers,
Launch email application after processing and
Perform default mail check on start-up. Also don't bother bouncing
rejected messages.
- Turn ON: Play sound when new mail arrives, Perform default mail check
every X minutes (number up to you)
- If you get a lot of junk email, use the Friends list in MailWasher and
tell it not to display messages from your friends. They will be left
untouched on the email server, will be downloaded by your email program and
won't clutter up the display of junk messages.
- You can adjust the columns displayed to your liking. I prefer displaying
these columns in this sequence:
Delete, Bounce, To, Subject, From, Size, Attachments
|
Use Care When Reading Email with Attachments from
CERT
Detecting SPAM and fraud. To get a feel for both, see this list
of messages you would prefer to delete (picture opens in new window).
Another SPAM sample.
The Outlook Express 6 status bar indicates if it is in online or offline mode.
To switch, just double click on this section of the status bar. |
 |
 |
Hoaxes. If you think an email message might be a hoax, check these web
sites:
Symantec Hoaxes McAfee
Hoaxes
HoaxBusters
Vmyths Snopes
urbanlegends.com
iOpus Secure Email Attachments (SEA), aCrypt
and File Vault
can encrypt and compress files
Online Swindlers, Called
'Phishers,' Lure Unwary New York Times March 24, 2004
How to Stay on Guard and Off the Hook
New York Times March 24, 2004
Phishing with Citibank and PayPal
from Woody's Windows Watch newsletter, September 8, 2003.
Avoiding Swen
about a virus sent as an email message from Microsoft. September 19,
2003.
www.antiphishing.org information about the problem of phishing, e-mail, and
identity fraud.
Internet Explorer URL Spoofing Vulnerability by Patrick Crispen
Some Internet service providers scan incoming email for viruses including AOL, Microsoft Network, Comcast, Covad and
RoadRunner. Other ISPs are preparing to offer this service including Cox Communications, EarthLink and
BellSouth. See Preventive Medicine For E-Mail
in The Washington Post August 28, 2003 and a related story Looking
out for users from the Baltimore Sun August 14, 2003.
Amazon lawsuits target e-mail 'spoof' tactics
By Jon Swartz, USA TODAY. Don't trust the From address of any email
message.
Blocked outlook express attachments
Not being able to open blocked outlook express attachments is a common support issue for users of Outlook
Express. From updatexp.com.
Messenger Service Spam -
End It Now from updatexp.com.
Microsoft Knowledge Base Article - 330904 Messenger Service Window That Contains an Internet Advertisement Appears
from Microsoft.
The Danger In Auto-Reply Messages Sept. 15, 2003
by Fred Langa in Information Week magazine
| michael
@ michaelhorowitz.com |
Home
=> Protecting Your Computer Class |
| Viewed ?
times |
Last Updated: December 9, 2004 |
|
You can download the free version of MailWasher
or buy MailWasher Pro.
