(Computer) SECURITY RECOMMENDATIONS - David Woodsmall

Complete Guides, Recommendations, HowTos, & Advice on Defending Your Computer

7/28/2010 - Optimized for Firefox 3.6.8

COMPLETELY REVISED

COPYRIGHT 1992 thru 2010 - David R. Woodsmall

Use at your own risk - I'm trying to help

Feel free to link to any of my pages

I am sorry that I am not able to help you with any problems

These web sites may be able to help you

** CLICKING ONCE on a Desired, Listed subject will take you to that information **

BEGINNER'S BASIC PRECAUTIONS TO PROTECT YOUR COMPUTER DATA
COMPLETE COMPUTER SECURITY INFORMATION
COMPLETE COMPUTER VIRUS INFORMATION
Computer infected??? Bugs/Recalls/Scams/Warnings

INFO JUMP TABLE

MUST DO COMPUTER SECURITY PRECAUTIONS | Bugs / Recalls / Scams / Warnings | Codewords | Data Security | Disguise your Email address | Email | Firewalls | Instant Messengers | I USE THESE ITEMS FOR PROTECTION - THIS IS OVERKILL | MUST DOs | Malware / Spyware Checkers | Passwords | Password Safes, Encrypted | Plain Text | Ports | Preview Pane | REFERENCES | Registry Fixes / Problems | Resources, other, Related | Security Information - Complete | SHOULD DOs - MORE technical | SHOULD DOs - MOST technical | SPAM Information | Suggestions | Telephone Security, Portables | TeleMarketers - Block Them | Updates | Viewers - free Microsoft | Virus Checkers | Virus Information - Complete | What to do if you suspect you have virus or malware problems | WHERE is this IP address located and who owns it Windows TIPS | UPDATING WINDOWS Wireless Security |

RECOMMENDATIONS - MUST DOs

Remember, information about you is on your PC, perhaps even your SS#

PROTECTING YOUR COMPUTER

1) Get & Install the latest Microsoft Windows security updates. This can be done automatically in lots of versions of Windows. OR Recent versions of Microsoft's Internet Explorer have a pull-down to access Your computer, and recommend needed Windows Updates: Select Tools -> Windows Update You will have a chance to decide whether or not to install particular updates. NOTE: Microsoft generally releases updates on the SECOND TUESDAY of the MONTH. Other Operating systems are also under virus attack - check for security updates. Click here for Linux virus information 2) Avoid using any Instant Messengers Most reliable virus checkers now check Instant Emails, but do they check the IM that you use? Click here for more information on IM problems 3) Shutdown (turn off) the Java Console (even recommended by Microsoft) Note that some sites will not display correctly if Java is not running. I use the Firefox plug-in NoScript to selectively allow and block ALL scripts, Java, Javascript & Cross-Scripting. 4) Microsoft says TURN OFF JAVASCRIPT if you are running Internet Explorer. This may cause some websites to not run correctly. Note that some sites will not display correctly if JavaScript is not running. I use the Firefox plug-in NoScript to selectively allow and block ALL scripts, including Java, Javascript & Cross-Scripting. 5) Check for Security updates for any software that you are running. Almost all software has had security problems which can allow identity theft or other destruction. Click here for some sites that cover these security breaches Click here for more information on IDENTITY THEFT

PASSWORDS

6) SET YOUR ADMINISTATOR PASSORD (ensure that you remember it!) (This makes it more difficult for Malware to change your system settings). 7) Do not pick simple passwords - combine upper case lower case and symbols. 8) Make passwords at least 10 characters in length 9) Do not use birthdates, names of relatives or pets as part of your password. 10) Do not use words found in a dictionary as passwords nor as part of passwords. 11) Submit your password here, to find out how strong is the password. Generate Secure Passwords here See also Encrypted Password "Safes" - Click here

EMAIL

12) Do NOT open/read/view Email from unknown persons. 13) Do NOT open attachments that you are not expecting. NOTE: There are now viruses that transmit themselves withOUT attachments. 14) Consider using an agreed-upon codeword in your emails that send attachments to people with whom you exchange attachments. The codeword SHOULD mean that: A) You sent the attachment, not a virus B) That you checked your system and it is virus-free I use "PACKRAT" as my codeword. Other people are using my idea, and using their three Initials as their codeword. 15) Optionally, Read your email in plain text (not HTML), as some malware uses HTML. Note that by not using HTML, any interesting effects created by HTML will not be observed. In Outlook 2003, click Tools -> Options -> Preferences -> Email Options and check Read all standard mail in plain text.

ANTI-VIRUS - Use Virus Protection

16) Always run a well-reviewed VIRUS Checker, Preferably as part of a full computer security suite. Set it up to automatically get updates whenever you power up. I always check for updates before checking Email or Browsing I strongly suggest changing the scan option to scan ALL File types. I strongly suggest using Symantec's Norton 360 Security Suite, Version 3 (the 2010 version). It is still the top-rated, by most professional Testers. It is about $80 dollars, but covers THREE (3) computers, has Anti-Virus Anti-Malware Anti-botnet Anti-Root-Kits Scans incoming & outgoing Email Scans Instant Messages (the major players) Comes with an encrypted Password Safe (Identity Safe) SafeWeb (alerts you if the web site you are trying to visit is known to be "bad". I also use McAfee's Free Site Advisor plug-in in my Firefox web browser Anti-Spyware Software Firewall Pulse updates (updates aer very quick and short) Very fast and accurate detectiona and removal PC Tuneup Automated backup & Restore (has some free online storage for your backups) How Do I Know When a Virus Hits My Computer? Viruses and Malware have been found in JPGs, PDFs, Word documents, Bluetooth Phones, etc. COMPLETE LIST OF FILE SUFFIXES TO CHECK FOR VIRUSES 64-Bit Anti-Virus Programs (AMD64 / EM64T / x86_AMD) LINUX Virus Checkers On-line Virus Checkers

BROWSING the WEB (Internet)

17) Use Mozilla's Firefox instead of Windows Internet Explorer. (Note that Internet Explorer 8.x has been released, if you prefer it) Firefox 3.6.8 has been released There are a lot of exploits written to take advantage of the Internet Explorer. NoScript - Version 2.0 - Extension for Firefox - YOU NEED THIS PROTECTION NoScript blocks Cross-Site Scripting (XSS) 18) Remove temporary files and addresses of web sites that you have visited, after you are down browsing. Most web browsers (Firefox, Internet Explorere,...) have options that allow you to remove all temporary files, buffers and web addresses, automatically when you exit your web browser. Examine your Browser's security options for a means of deleting these potentially dangerous files, A lot of valuable-to-hackers information is stored in temporary files on your computer - files that you do not even know exist. Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton and other companies make. The FREE CCleaner works very well to remove temporary files. 19) Norton's 360 has a built-in Web Security feature that alerts you if the web site is known to contain Malware. I am also using a free browser add-on, called McAfee's SiteAdvisor, which warns me if the website that I am about to visit is known to contain Malware, is known to not contain Malware, or is not currently known to SiteAdvisor. In my case, I am using McAfee's SiteAdvisor plug-in that attaches to my FireFox web browser. SiteAdvisor also works with Microsoft's Internet Explorer. Microsoft has added SiteAdvisor info to their new "bing" search engine - Google, Yahoo and now bing (Livesearch) display McAfee SiteAdvisor info. You can download SiteAdvisor Version 3.0 from here (Click) 20) COOKIES I set Firefox to delete cookies when I clode the program You can optionally choose to save selected cookies. CCleaner will remove cookies - I would have CCleaner run automatically at Windows Bootup, and then close. Another Firefox plug-in, allows a one click to remove cookies for sites that you are currently visiting. This is NOT really ncessesary. 21) FLASH COOKIES Flash Cookies are NOT like regular browser cookies, and they can NOT be deleted by programs the delete regular cookies. Flash Cookies will still track your browsing even if you have no "regular cookies". I use the Free BetterPrivacy Firefox plug-in to delete Flash Cookies.

ANTI-MALWARE/SPYWARE PROGRAMS - Use Malware/Spyware Protection

You should need to run ONLY Norton's 360 Security Suite. IF YOU HAVE PROBLEMS then RUN SEVERAL AdWare/Malware/Spyware DETECTORS. Click here for more information on Malware

DISCONNECT FROM THE INTERNET WHEN NOT USING IT

22) If your cable modem has a switch that disconnects the modem from the Internet (your ISP), consider disconnecting from the Internet when you are not actually using the Internet (I do this). This prevents attacks on your computer when you are not using it. Newer (post 2003?) Motorola cable modems have this disconnect switch. DO NOT TURN OFF YOUR INTERNET MODEM IF YOU USE VoIP for a phone connection - such as Vonage, or Time-Warner's Digital Phone, or SKYPE - as this will disconnect your phone(s).

FIREWALLS

23) I am now using ONLY Norton's 360 Software Firewall (I turn OFF the Windows Firewall). You want to PREVENT Mlaware from sending your data OUT to the Internet. I DO USE AND HIGHLY RECOMMEND A HARDWARE FIREWALL (they are cheap, you probably already have one in your Router), with a Stateful Packet Inspection (SPI) feature. Click here for more information about Firewalls Click here for more information about Hardware Firewalls Click here for more information about Software Firewalls 24) I also suggest a hardware firewall (check with BestBuy, or a similar place) - Hardware firewalls are often built into Ethernet/cable and DSL routers (you PROBABLY already have one, if you use DSL or Cable for your internet connection). Preferable get a firewall with either Stateful or Stateful Packet Inspection. Hardware Firewalls are now fairly cheap ($30 - $ 50 - ask at a reputable store, such as CompUSA or Best Buy [among others]). Hardware Firewalls can do a better job of protecting your computer from from incoming attacks, than a software firewall. Click here for more information about Hardware Firewalls Even better, there are now (more expensive) DPI Firewalls.

SUGGESTIONS

Data Security Suggestions

1) Do NOT store your Social Security Number on your computer - it is too easily stolen - nor your bank or sotck account passwords. 2) Remove all Turbo Tax (or whatever you use) information immediately after you are done with it (store it on CD or Floppy disks - somewhere not on your computer) - and avoid going online as much as possible, while this data is on your computer (spyware may steal your data). 3) Never store any of your passwords on the computer (in plain text form [ie, only if encrypted]). 4) Never store your 401K or Bank Account numbers permanently on your computer. 5) To file Identity Theft complaints with the Federal Government. 6) Consider using encryption for valuable data (too much trouble for most of us). 7) PERSONALLY, I would not store my data on the internet, but that is just my opinion.

General Suggestions

Don't install Demo programs unless you are really interested - their installation or removal may cause problems ===== END OF SECURITY THINGS THAT YOU REALLY SHOULD DO ===== ===== END OF SECURITY THINGS THAT YOU REALLY SHOULD DO =====

MORE ADVANCED THINGS THAT YOU SHOULD CONSIDER DOING

25) If possible, Close your Email Preview Pane (window). (some viruses can be launched from the preview pane, without your opening the Email itself): In Microsoft Outlook 2003, click view and make sure AutoPreview is UNselected. In Mozilla Thunderbird, click view -> Layout and confirm that Message pane is UNchecked. Pressing F8 toggles the preview pane on or off. In Outlook Express 6, click view -> Layout and ensure that Show preview pane is UNchecked. 26) Optionally, consider using a non-Microsoft Email program, such as Mozilla's free Thunderbird. There are a lot of viruses written specifically for Microsoft's Outlook, Outlook Express and their Address Books. NOTE: Thunderbird 3.1.1 is out. NOTE2: Mozilla wants to donate Thunderbird to the public (making it open-source) - Find the Best Email Software and Services - About.com The complete guide to using Gmail with Thunderbird, Mozilla Mail 27) Make your file extensions visible: Open Windows Explorer or any folder window and click: Tools->Folder Options->View Ensure that the option Hide file extensions for known file types is UNchecked. Files that are executable (such as .com, .cmd .exe,...) are more dangerous than others. Click here for more information 28) Check to see that your computer ports are closed (against hackers) (it's automated) Your computer has thousands of "ports" that can be used be programs accessing the Internet. Few of these ports need to be "open" (available for use by programs). An open Port can be used by malicious software to gain access to your computer and/or information on your computer. A lot of valuable-to-hackers information is stored in temporary files on your computer - files that you do not even know exist. These open ports can be accessed by Malware both on your computer, and not on your computer (on the Internet). A port can be either OPEN (can be used to send/receive messages, including Malware), CLOSED (the port will not process any messages, BUT an attacking computer is told that the port is closed, meaning that an attacking computer now knows that your computer exists, and may try to attack your computer, and STEALTH MODE, where your computer port can not even be detected, nor will that port process any incoming messages (denying Malware a chance to attack your computer via this port). It is best if all of your Ports be in STEALTH MODE (some programs, games, etc, will require that certain port(s) NOT be in Steath Mode (your software, games, etc., may need to use a paticular computer port. I am currently trying Norton's 360 Version 2.0 on my wife's computer. I've run GRU's port tests, and found that ALL ports EXCEPT Port 22 are in Stealth Mode; I don't yet know if I want to try to change port 22 from Closed to Steath. Under my Zone Alarm Pro software Firewall, ALl ports are in Stealth Mode. Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton (Symantec) and other companies make similar products. The Windows (DOS) command: netstat -an will list all your open ports. (Start->Run->then type "CMD" and press enter. Then enter the command: netstat -an. For a list of netstat options, enter the DOS command: netstat /? Batten Down Those Ports Symantec Security Check Click here for more information about computer ports

29) KEYLOGGERS / KEYJACKERS

A Keylogger's main purpose is to capture keystrokes made on your keyboard. Captured keystrokes can yield your login IDs and Passwords. Click here on HOW TO FOOL KEY LOGGERS - very useful on Trips Because the keylogger is programmed to hijack data from the IE "Protected Storage Area," Eckelberry recommends that IE users turn off the browser's "AutoComplete" feature. That can be done by unchecking the pre-checked boxes via Tools > Internet Options > Content. The data stored in that IE feature is very lucrative for identity thieves. The browser's AutoComplete tool is used to store all data entered on HTML forms when purchasing products over the internet or filling out personal information like addresses, phone numbers, and Social Security numbers. It also has a feature that stores usernames and passwords for Web sites that require you to login. One example of this is online banking Web sites that include Web-based mail servers like Hotmail or Gmail, he explained. Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton and other companies make similar products. These products, as far as I know, don't remove keyloggers, just some of the data that keyloggers try to steal. Click here for more information about Keyloggers/Keyjackers 30) ENCRYPTED PASSWORD "SAFES" FREE with Norton's 360. There is software available to protect your passwords and to provide them to sites without you entering the passwords, preventing keyloggers from capturing your passwords by logging your keystrokes. I do not know how well these programs work. I am using Identity Safe, part of Norton's 360 Security Suite. I have also heard about: RoboForm 6.9 (ENCRYPTED PASSWORD PROTECTION) More information on Password safes, including Free Versions

31) POP-UPS - Block them

Between Norton's 360 security suite and shutting down the Windows Messenger Service (see the next line, below), you should not have pop-ups, unless you have Malware on your computer. Shutdown the POP-UPS from Windows Messenger Service 32) Optionally, consider disguising your Email address to confuse Email address gathering bots, or use throw-away Email addresses. Click here for more information on Disguising your Email Address ====== END OF OPTIONAL, MORE DIFFICULT SECURITY THINGS ===== ====== END OF OPTIONAL, MORE DIFFICULT SECURITY THINGS =====

OTHER SITES WITH COMPUTER PROTECTION TIPS

R.U.N.S.A.F.E. Ten Commandments of PC Security

WHAT TO DO IF YOU THINK YOU HAVE VIRUS / MALWARE PROBLEMS

How Do I Know When a Virus Hits My Computer? Free malware check - are you Infected or Not? - Computer Helpers ... Are You Infected? Detecting Malware Infection RUBotted - a free program to find Out if Your PC is Part of a Botnet A) Try running all of your anti-virus and anti-Malware programs, if the virus or malware program will let you run them (lots of viruses try to cripple your anti-virus program) ONLINE VIRUS CHECKERS ONLINE MALWARE / SPYWARE CHECKERS nanoScan - online Malware/Virus scanner - recommended by PC Magazine B) I also occasionally use the free CWShredder - a CoolWebSearch Trojan Remover. C If the Virus will let you, go to a web site that does free virus scanning and fixing online (from their web site). D If the virus prevents you from accessing anti-virus sites, and has disabled your virus checker, you could (for knowledgable users) boot up a Linux CD with anti-virus programs in it, that run from Linux to check Windows systems. Click here for more information E If all else fails, purchase the highly rated Spy Sweeper, $30/yr, $ 40/2 years. F I have also used, purchase SpyWare Doctor - $30 They offer a free scan, but charge the $30/yr if you want to remove the pests. In my personal opinion, I prefer Spy Sweeper. G) use Hijack This to capture data for experts to decipher for you H) What to do if your system is infected - CERT What to do when a virus is found on a computer Dealing with an infected PC - Malware - Microsoft Disinfecting macro viruses - Sophos How to Remove Spyware From Your System - Youri Durmascu Procedures to nurse a sick and quarantined Windows computer back to health BOOT CDs & FLOPPIES I) Check with these free help sites For more information on VIRUSES, Click here For more information on MALWARE, Click here For more information on SPYWARE, Click here For more information on ADware, Click here

SHOULD DOs - More Technical

1) Set your Internet and Intranet trust Levels 2) SPAM filters - you may want to consider them. Spam-Proof Your In-Box 3) Your passwords are probably easily revealed 4) No-Cost Ad Blocking - You should NOT need this 5) Block Web Ads - You should NOT need this 6) Read & follow PCworld's 10-step PC Security suggestions 7) Let Windows Handle PC Maintenance for You - schedule tasks 8) What is running on your PC - USE CAUTION IF YOU REMOVE ANYTHING

REGISTRY FIXES

It is a good idea to back up your Computer Registry files before making any changes. Windows XP makes a backup everytime that you reboot, so that you have the option of going back. For older versions of Windows, you may need to manually create a registry backup. 1) I use Norton's 360 Registry Cleanup 2) Lately, I bought and use the Highly recommended Registry Mechanic to find and fix Registry problems.

TELEPHONE SECURITY - PORTABLE PHONES

1) Do NOT use analog portable phones - anyone can eavesdrop. 2) Get only Digital phones that use ENCRYPTION.

TELEMARKETERS - SLOW THEM DOWN

1) Get an UN-listed phone number 2) Get a "TeleZapper" - $50 (I think there are now some for $39) Radio Shack, Best Buy,... sell TeleZappers. A) TeleZappers generate a tone that tells automated calling systems that your phone number is not good. B) Newer automated calling systems supposedly ignore this tone, but TeleZapper works for me. 3) List yourself with the national Do Not Call List NOTE - this is somewhat scarey as: A) It expires in 2008 ? - then "they" have your phone number B) It won't block off-shore telemarketers Do Not Call Registry Violation Complaint - www.donotcall.gov 4) Consider Caller-ID - but why should we need it? 5) Consider blocking incoming calls that do not identify their phone number (I don't know what this costs - requires Caller-ID). Check with your telephone service provider for costs and implementation. 6) The FCC requires phone companies to provide a FREE service whereby you can press a few buttons after receiving a harassing phone call, and the FCC will go after the caller, even removing their phone service. DO NOT BUY CALLERID, which they push, DEMAND THIS SERVICE.

Free File Viewers for Microsoft products

Office Online File Converters and Viewers

WINDOWS TIPS

Windows Tips

WIRELESS SECURITY

1) Always use Encryption, preferably WPA2 A) WAP - Click here for more WAP info B) WEP - Click here for more WEP info C) WPA - Click here for more WPA info D) WPA2 - WPA2 (WPA2) so far (9/2006) is the strongest wireless encryption publicly available. Use WPA2 if at all possible. 2) Always use MAC addresses to block unknown users (set your hardware to only accept connections from known hardware MAC addresses). Because too many people know the defaults and too many users never change the defaults: 3) Always change the Router/Access point/Switch/Hub's login name of the Administrator account 4) Always change the Router/Access point/Switch/Hub's Administrator's password 5) Always change the Network Name (often called the SSID) Click here for more information on Wireless Security

I USE THESE FOR COMPUTER PROTECTION

A Hardware Firewall/Switch/Cable Modem. Symantec's Norton's 360 Security Suite - for THREE computers (Anti-virus, anti-malware, anti-spyware, anti-netbots, anti-Root-Kits,...) Webroot's Window Washer (you should use the free CCleaner) - deletes termporary files. I occasionally run Trend Micro's FREE CWShredder I always install all Windows XP & Microsoft software updates as soon as they are released. Note that Microsoft releases Windows updates on the Second Tuesday of each Month. Occasionally, there will be an emergency release on other days. For really stubborn (FREE ?) Browser Hijack problems, try HijackThis Version 2.0.2 Run HijackThis (2.0.2) and click Do a system scan and save a log fil - highly recommended, although I have not had the need to use it. - MORE HIJACK THIS INFORMATION & SITES THAT ANALYZE HIJACKTHIS LOGS

TO UPDATE MICROSOFT WINDOWS XP

1] Open an Internet Explorer window (You must use IE, not Firefox, Opera,...). 2] Click on Tools and select Windows Update 3] Then follow instructions. 4] Do this regularly, at least the SECOND WEDNESDAY of every month. While Microsoft updates come out the SECOND TUESDAY of every month, sometimes the updates are released about 6 PM Eastern Time, so I suggested Wednesday.

PROTECTING YOUR COMPUTER HARDWARE

You should seriously consider putting ALL of your computer hardware on a good Surge Proector - ALL cables/wires going to your computer should be surge protected. This includes any Ethernet and Phone wires (if you use them with your computer), and your cable modem's Cable (if you use a cable modem). EVERY electrical path into your computer should be filtered by a surge protector to cut down on the risk of surges destroying some or all of your computer. Click here for more Hardware Proection information

SOME OF MY OTHER RELATED RESOURCES

64-bit Security Software 64-bit Virus Checkers Acronyms/Glossary PC/SAN/NAS/QA/Wireless/Linux/Network/Video/Pharma/WIN/wms.. Advisories, Security & Virus Adware Articles on Computer Security Articles on Viruses and related problems Backdoors Bluetooth Books - Woodsmall's Recommended Technical Books Boot Viruses Browser Security Cookies Email viruses Encryption Ethernet / 802.xx Firewalls Glurges Hardware, Protecting your Identity Theft Instant Messaging (IM) IP Filters/Filtering, Port Forwarding & IP Firewall Administration IP Masquerade keylogging / keyjacking Linux Security Linux virus checkers for Windows and Linux Malware Modems PDA viruses Popups Phone viruses RAID Registry fixers Root-kit hacks SPAM Spyware Trojans Vandals Virus Information Web bugs WHERE is this IP address located and who owns it Wireless Security Worms

REFERENCES

Security / Virus Books Complete Computer Security Virus Info Woodsmall's Recommended Technical Books

OTHER RESOURCES - Caveat Emptor

stay tuned

OTHER INFORMATION