Stop the Bad Guys: Net Security Update

     

Outline of an LPCUG program presented by Bob Warwick at the September 8, 2006 meeting.

First Line of Defense -- Wetware!

Don't open SPAM! 
Turn off Preview Pane:  View >Preview Pane
Delete SPAM without opening.
Don't open attachments!
Even Santa from Aunt Susie.
If you must play with attachment, copy and paste into a temporary directory and run your antivirus and spyware software on it before running.
If the message with the attachment doesn't look right, ask the sender.
Social Engineering
Phishing
Don't respond to Internet offers like popup "You have Spyware on your computer!"
You don't get something for nothing--usually.  If it's free, and you don't know about it, it probably contains Spyware.  Also, don't buy programs without doing research to see if they are loaded with Spyware.
Don't say "yes" for "special downloading program".
Children and Internet Safety
Kim Komando's Ten Commandments
Make sure your operating system is up to date with all critical updates installed.
 
 Be very careful of Internet Explorer--has real security problems.  Use FireFox if you are concerned.
Example: Copy something on your clipboard, then go to this site.  Internet Explorer gladly gives the content of your clipboard to the site!!!
The Fix:

Fortunately, there is a way to secure Internet Explorer. In Internet Explorer, click Tools>>Internet Options. Select the Security tab. Under Web content zones, select Internet. Under Security level, click the Custom Level button.

Under Scripting, you'll see a setting labeled "Allow paste operations via script." For that setting, select Disable. Also Disable "Scripting for JAVA applets".  Then click OK. Finally, click OK on the next window

Consumer Reports, September 2006, has some helpful general comments about computer security.  Check out their comments here.

Second Line of Defense -- Protective Software

Anti-Spam

Most of the bad stuff arrives in your mail incoming folder in the form of unsolicited email, in other words Spam.  The current issue of Consumer Reports (Sept. 2006) rates programs that will identify and remove most Spam from your mailbox before you open it.  The Spam will be put in a separate folder so you can review it, and make sure that it is not removing something that you wanted.  Take a look at CR's recommendations here.

Trend Micro Anti-Spam Pilot (Free!)  

Download Link

Key Features
Trend Micro Anti-Spam is designed to:

Block spam using advanced heuristics technology
Separate suspicious messages in spam quarantine folder
Enable you to create approved and blocked sender lists 
Integrate with Outlook; adds anti-spam functions to the toolbar

Antivirus

The September, 2006 issue of Consumer Reports shows an exhaustive test of most of the antivirus programs on the market today.  They are taking a lot of unjustified heat for going as far as to make up hundreds of new viruses to test each program's effectiveness at finding previously unreported viruses.  Curiously, the did not test AVG which is recommended below.  I have used it for years and it has never failed to detect a virus (and I have given it lots of practice!).  Here are CR's ratings.

 

avast! from ALWIL Software
One-click download link
(note: clicking this link will begin the download)

avast! 4 Home Edition is a FREE full-featured antivirus package designed exclusively for home users. It provides constant protection against viruses and will automatically update your virus files.

Cost: Free

 

AVG Antivirus from Grisoft   
Download link

This antivirus program not only protects your computer against viruses, worms and malicious code - it's free! AVG AntiVirus allows you to scan on demand or at scheduled times. It also features an e-mail scanner that supports most e-mail programs such as Outlook Express and Eudora.

Cost: Free

 

Spyware & Adware

The September, 2006 issue of Consumer Reports also tells about extensive testing of Anti-Spyware and Anti-Adware programs that have the capacity to trace what you are looking at on the web.  These programs can report back to the bad guys all kinds of information about you that you may not have wanted to share.  While they rate Lavasoft's commercial Ad-aware program, again, curiously they omitted the free version listed below.  The free version works as well as the commercial version, but you have to tell it to check your machine, rather than having the bad stuff blocked autmatically.  While you cannot have two antivirus programs on your machine at the same time, you can have two anti-spy/adware programs on it.  Running both Ad-aware and SpyBot Search & Destroy (one at a time) seems to catch just about everything in this category of bad stuff.   Look at CR's ratings here.

Ad-aware from Lavasoft   
Download link

This program finds spyware, also known as adware. These are little programs that advertising companies place on our computers. They report back on our browsing habits. Run Ad-aware weekly, and get this garbage off your hard drive.

Cost: Free

Hijack This! from Merijn.org
Download link

A program designed to fix browsers whose home pages and settings have been altered or "hijacked," Hijack This! requires some knowledge to be used safely. After scanning your system, which takes just a few seconds, it shows in a single window a list of items that could be related to browser hijackings.

Cost: Free

Spybot Search and Destroy from PepiMK   
Download link

This program finds spyware, also known as adware. These are little programs that advertising companies place on our computers. They report back on our browsing habits. It allows you to fix registry inconsistencies related to adware.

Cost: Free 

 

Firewalls

ZoneAlarm from Zone Labs, Inc.   
Download link

This is my favorite firewall. Made by Zone Labs, it will render your computer invisible to hackers’ probes. Hackers run scanning programs over the Internet, looking for computers with electronic openings, called ports. A good firewall such as ZoneAlarm makes your computer invisible to the scanners.

The goal of these intruders is to place a Trojan horse on your computer. The rogue program uses the open port previously identified by a scanner. However, ZoneAlarm blocks those transmissions. They can only go through if you agree. Always say no, unless you recognize the program.

Cost: Free for personal use

Kerio Personal Firewall from Kerio Technologies
Download link

Kerio Personal Firewall makes your computer invisible to hackers on the Internet. Additionally, it shows which programs on your computer are accessing the Internet. The full version offers more features, such as pop-up blocking.

Cost: Free for personal use

Outpost Firewall from Agnitum
One-click download link
(note: clicking this link will begin the download)

The free version of Outpost Firewall offers a basic protection solution for casual web surfers and low budget systems. There is also a "Pro" version with more robust features.
Cost: Free for personal use

Finally, check with your Internet Service Provider for free software.
Comcast
TC3NET