You must be logged in to post messages.
Please login or register

Technical Forum
Moderated by Jayhawk

Hop to:    
Welcome! You are not logged in. Please Login or Register.46 replies, Sticky
Caesar IV Heaven » Forums » Technical Forum » Beyond the owner's manual - Zen's guide to safe computing
Bottom
Topic Subject:Beyond the owner's manual - Zen's guide to safe computing
« Previous Page  1 2  Next Page »
Zen
Ghost
(id: Angel Zen)
posted 03-29-02 08:52 ET (US)         
We've all had gone through them - or at least heard of someone that did. These things can do anything from causing minor headaches to total destruction of your computer (requiring hardware replacements). It's the bane of tech support help desks everywhere.

What is it?

I'm talking about unsafe computing - which, just like unsafe-sex, can lead to a whole can of worms, such as unauthorized access into your computer, pop-up ads popping out of nowhere, companies that spy on your surfing habits, software that capture every email you've ever sent and received, etc., etc., etc., etc.

Practice Safe Computing
How? Here are some of my suggestions:

1. Keep your computer updated
This may seem to be a bit of a pain, but the fact is, software companies find bugs (or have bugs reported to them) in their software all the time. Some times these bugs are minor bugs that you can safely ignore, but some times these bugs open your computer to possibilites of harm. These bugs are called "vulnerabilities", or "exploits". They can cause your computer to lock up, give other people access to your files, infect your computer, etc.

Microsoft
Just about every computer user out there have used a MS Windows system, and has it running at home. Bad thing is that Microsoft included a Lot Of Extra Stuff on your computer that you may not need, or was "forced onto you" by Microsoft by way of convenience. But the good thing is that updating all these things normally is just a click away. Go to Microsoft's Windows Update website and let it figure out what needs to be upgraded. Most of the time you'll only need to concern yourself with the updates listed in the "Critical Updates" section. Feel free to do other upgrades to your system as well, but remember the mantra - "If it works, don't fix it."

If you use Microsoft Office, you may want to check out Office Update as well, since Office includes a feature called "Macros" - basically mini programs that run within a file. There are a lot of viruses that are ran with this feature.

Instant Messaging
The next important update check is for the many instant messaging software out there. The popular ones include Trillian, AOL Instant Messenger, ICQ, MSN Messenger, and Yahoo Messenger. Since these are the programs that always "listen" for incoming messages, it is easy for someone to try and break down the door (and - most of the time - either crash the program, or take down your whole computer.) Check up on those sites for any updates that may be available.

Email Software
If you have followed some of the links in the introductory paragraph of this article, you will notice that some of the viruses are spread through email. Take precautions - install a virus scanner that scans your email (Norton AntiVirus), and disable JavaScript or any scripting for your email program:

EUDORA
Go to Tools->Options->Viewing Mail, and make sure "Use Microsoft's Viewer" is unchecked.

Caveat: the free version of Eudora is ad supported; you may be better off either paying for it (especially if you're a heavy email user), or use Mozilla's built-in mail software (which is similar to Outlook Express)

Outlook Express/Outlook
Don't use Outlook Express or Outlook. It's outright dangerous. Plus, many file-system based virus scanners can not scan OE/Outlook messages, since they're all stored in one giant file. To my knowledge, only Norton AntiVirus allows for "Email Protection" by scanning the mail before Outlook ever gets its hands on it.

Mozilla
In case you're wondering, Mozilla is Netscape's next generation browser. You can read more about it at http://www.mozilla.org . If you can't afford Eudora, this may be the way to go.

Go to Edit->Preferences->Advanced->Scripts & Windows. Under "Enable JavaScript for:", uncheck Mail & Newsgroups.


AntiVirus Software
Having an Anti-Virus scanner installed is only half the fix. You have to constantly update your virus definitions to keep it fresh - so that it can be prepared for new viruses. Also, if you hear news of a "new virus", it's generally a good idea to update your virus definitions for the next day or two (in case your vendor was slow in coming for updating their definitions) Some popular virus scanners include Norton Antivirus, McAfee AntiVirus, F-Secure and Sophos AntiVirus. If you were wondering why Dr. Soloman's was left off the list, that's because McAfee bought them.

REMEMBER! UPDATE YOUR DEFINITION ONCE A WEEK!

Information overload
Yeah, it's tough work, but here are a few websites that you can visit to keep you up-to-date:

http://www.betanews.com: Posts updates to programs within a day of their announcement. You can download files & view changes made to the program.

http://www.slashdot.org: A great "Geek News" site that reports news-worthy vulnerabilities.

http://www.arstechnica.com: Another "Geek news" site

http://online.securityfocus.com/bid: Security Focus's online vulnerabilities database

http://www.grc.com: Gibson Research Corporation - a great site for in-depth articles on various things computer-related.

2. Unnecessary Utilities
Don't install things that you don't need. Ask yourself this question: Is this program worth 2 days of down time? If your answer is no, don't install it. But if you have a pressing need for it, take a few moments of your time to do a search for the program on google.com. What you are looking for is user-feedback, as well as any news items that might be of interest. Check on it, and see if the feedback is good, and read the news item to see what it says. If everything checks out good, then - in most cases - it's good to install.

Internet Installs
Occasionally you will see something like this pop up:

That is Internet Explorer's way of telling you:
"Can I install this program on your computer?"

Now, here is my rule of thumb.
If the program is distributed by Microsoft (various apps), Apple (Quicktime), Macromedia (Shockwave Director & Flash), Real (Real Audio/Real Video), and Google (Google Toolbar) then you normally would click ok. Otherwise ALWAYS SAY NO. The exception to this case is if you were at work and was told to click on the "YES" button by a qualified member of their helpdesk team.

Why always say no?

Take Gator Setup, for example. When used properly, Gator Setup will install "Gator", a program that remembers your passwords & forms, while installing additional advertising software on your computer. (Note: Internet Explorer 5+ and Mozilla both can remember your password & form values). It's a bad thing.

But when used improperly, Gator Setup will install ANY PROGRAM it's told to setup by the website that sent you the program. So if you say "YES", you could be installing a program that you don't want on your computer (trojan horse, virus, spyware, adware, etc.)

Less is better
The less programs you have installed, the better. Less Programs = less memory and system resources used, thus allowing your computer to run faster.


3. Scan your computer
ScanDisk
Windows come with a utility called "scandisk" - and it does just that. It scans your drive(s) for errors, and attempts to fix them. It's recommended you do this once every two weeks.

Defragment your drives
Windows also come with a "disk defrag" program that improves performance of your hard drive. If you have a lot of drives, or have a huge drive (over 8GB), running defrag will take a long while. Do this every two weeks. (Normally right after a scandisk Norton SpeedDisk and Diskkeeper are also two other popular defrag programs out there.

Scan your computer for viruses
You do have a virus scanner installed, right? No? Go get one. Then, do virus scans every week, or every two weeks, depending on how much time your computer gets used. I do a scan every Friday night. Don't forget to update your virus definitions!


4. Don't Fry your computer.
Make sure all your computer equipment is hooked up to a surge protector. A simple powersurge (commonly caused by lightning) can take out your *entire* computer system - monitor, CPU, printer, and anything else that is not protected. Just two weeks ago over $20K of computer and video editing equipmet was saved by a fried $19.95 surge protector. I don't know about you, but $19.95 is always better than $20K.


5. Be careful who you give out personal details to
I can't stress this enough - Whatever you do, always be conscious of who you are giving your personal details to. This includes your name, address, phone number, email address, credit card numbers, social security number, etc. - unless you absolutely trust the entity asking for it. Especially your CC numbers, SSN, and email addresses. It should be obvious why you shouldn't, but just in case you don't get it:

Credit Card number
If you give away your credit card number, you're basically giving people a blank check.

Social Security Number
If you give away your social security number (or ID number in some other countries), you're opening yourself to identity thief - something stealing your identity, thus ruining your credit history, your reputation, etc.

Email Address
Three words: Unsolicited Commercial Email... or one: SPAM. Unless the website you give your email to have a privacy statement that states clearly what they do with your email, never give it away. If possible, never post your email address on a website either (I'm staff... I'm required to post mine on HeavenGames... you should see the amount of spam I get) - there are automated programs that harvest your email off websites.

( Just so you know, HeavenGame's email policy is that your emails are NEVER shared with, rented to, or sold to anyone. We know the pain of receiving spam. )

AOL
If you are an AOL user, use a different screenname dedicated for chat rooms. And create yourself a different AIM screenname. Basically, keep secret the screenname you login to AOL with.

In addition, if AOL asks you to re-verify your password, it's fake. If AOL asks you to re-verify your credit card number, NEVER, EVER do it over the web. Do it over the phone with the number on your AOL bill.

Avoid their chatrooms!!! They have bots that "fish" your screenname out of the room, add @aol.com to the end of that screenname, and send to it a lot of nasty spam.


6. Precautions to take for children users

Computer/internet use should always be supervised by you. The internet is a PG-medium - it always require Parental Guidance. If you can't supervise their internet usage, then you probably should install some software that lock them out of the internet, or just plain-old lock them out of your computer.

Most kids don't know what safe computing is too, so they can throw all your safe computing efforts out the window.

I leave the decision of when the kid is old enough to use the 'net unsupervised up to you


7. Precautions to take if you share your computer

Try not to share it if possible... otherwise, teach them safe-computing, but more importantly, if they don't own the computer, make sure they know you're the owner and you frown upon them installing any programs or downloading anything to the hard drive without your approval

If you share your computer, make sure other users practice safe computing as well


8. Install a "Firewall"

If you have a broadband connection and your computer is on a lot, you may want to install a firewall to protect your computer from hacking attemps that come from other computers on the internet. ZoneAlarm is a popular firewall package that is easy to use and is free.

For more information, a great resource to start at is Gibson Research Corporation's "Shields Up" page.


9. Backup your computer
Don't forget to "backup" your computer once in a while. Or at least save all your data onto ZIP disks or CD's. Important Data include all your stuff in "My Documents", your email files, your ICQ database (C:\program files\icq\*), and anywhere else you save your stuff in.

The easier way is to purchase backup software, such as Backup MyPC. It will let you burn your backup onto many CD's should you decide to do a complete backup of your system.

10. Housekeeping
Don't forget to clean out old files and uninstall old programs!

Speaking of uninstalling, always uninstall by going to Start->Settings->Control Panel->Add/Remove Programs. Otherwise you risk breaking other software programs in more ways than one, or leave behind a dirty uninstall. (i.e. files that didn't get deleted, etc.)

I think that's all... I'm sure ET and some of yous will have other ideas to tack on to this


Zen

[This message has been edited by Angel Zen (edited 09-10-2003 @ 02:53 AM).]

AuthorReplies:
Gill Britannica
Inactive
posted 03-29-02 09:22 ET (US)     1 / 46       
Thank you Zen. I just read the whole thing through with my face going brighter & brighter red over various things I have done in the past or am still doing (plus those that I should be doing but am not)

It should be required reading for any computer user.

mouse
HG Alumnus
posted 03-29-02 09:32 ET (US)     2 / 46       
Zen that is great information and should be posted on all websites If everybody followed those suggestions there wouldn't be any need for most of the tech forum

Personally I don't back up but rather use Powerquest Disk Image which can burn an image to a cd which can even be made bootable A bootable disk image works like a system restore disk. Only do it once a month because I don't make many changes worse case scenerio when I restore the data is a month old

Some utilites that I would recommend being in every computer users toolbox. A good registry cleaner for those programs that don't clean up after themselves(I like Super Rabbit). A good file cleaner like Hard drive Valet to clean up all those temp files left behind by installers. Startup Cop for turning off things that don't need to run at startup. Ad-ware for cleaning spyware from your system. A good Trojan Horse virus scanner since regular virus scanners don't always find them until too late.

Some other utilites I would recommend and reasons for recommending them
Powerquest Partition Magic the new large hard drives are very inefficent unless they are partitioned. Partitions of more than 10gbs are just a waste unless your doing video editing which requires a great deal of space. Secondary suggestion related partitioning your drive allows you to just have the operating system installed on a partition by itself and allows the swap file to be installed by itself on a partition allowing it to perfom better.

Powerquest Disk Image/Drive Image since it allows you to retore your system quickly and easily to a working state. It takes minutes to restore instead of days if you have to fdisk and completely rebuild the software.

Pretty sure there will be many more suggestions for safe computing

Pecunia Maxima
Pleb
posted 03-29-02 10:06 ET (US)     3 / 46       
In addition to #5: email address:
If you need to give an email address to sign up for some service, create yourself a hotmail address (or yahoo or whatever) to sign up with so your regular email doesn't get spammed.

And another one: close your internet connection if you don't use it!

ET FLAVIUS
Pleb
posted 03-30-02 03:47 ET (US)     4 / 46       
Wow..a very nice composition of the Nitty-gritty surrounding this subject Zen Thanks so much for taking the time..I'm not much on "sticky" threads..but this one is deserving

One of my recent discussions..has these comments fresh in miind:

The Internet is so multi-faceted, with the ever increasing multitude of people using and "expermenting"..curiousity seekers..both the naive and the devious. In the shop I'm seeing an ever increasing amount of PC "reconfiguring" (mostly software, i.e. browsers..etc) on customer invoices..where the PC has been allowed to be adjusted by "adult" entertainment sites or info leeching sites that will scramble your PC in seconds..the darker side of the Net for sure. Some of these people don't have a clue as to why..or when their PC became "redone"..they just want it back the way it was when they purchased it.

To forewarn is all well and good..but people will stop and want "to see" what happened at an auto crash, so the "nature of the beast" is a factor that works against always escaping these Net consequences.

We always try to explain these elements..sometimes it is too difficult to elaborate without actually sounding like we are discouraging people or instilling fear of the Internet somehow.. kinda like it is now

Thanks again.
ET

DarthBane
Pleb
posted 03-30-02 09:39 ET (US)     5 / 46       
Pretty Comprehensive list there Zen. Amazing.

I'd like to point out though, only gloating slightly (), that I have a hotmail address that never (and I mean never...) gets SPAM, and I use it daily


Eh?
Duan Xuan
Pleb
posted 03-30-02 23:20 ET (US)     6 / 46       
Phew... the internet's just to dangerous.

Quote:

Don't use Outlook Express or Outlook. It's outright dangerous. Plus, many file-system based virus scanners can not scan OE/Outlook messages, since they're all stored in one giant file. To my knowledge, only Norton AntiVirus allows for "Email Protection" by scanning the mail before Outlook ever gets its hands on it.

But is NAV really THAT safe? I'm using OE with NAV's Email Protection, but still I'm not that relaxed about that fact.


D XUAN
SNR
Banned
posted 03-31-02 05:07 ET (US)     7 / 46       
Just got it put up on CH and in the hall
mouse
HG Alumnus
posted 03-31-02 05:23 ET (US)     8 / 46       
AVG and McAfee both do email scans for virus's
If you want to be safe using Outlook/Outlook Express then turn off the preview feature Don't open mail with attachments that you aren't expecting no matter who they are from even friends since virus send email. Scan every file before installing it on your computer since even cds can carry a virus One of the gaming magazines gave away a cd that was infected with a virus, when confronted about they said they knew
C Franziskus
Pleb
posted 03-31-02 08:56 ET (US)     9 / 46       
Great post Zen - thank you -

Now, where is a piece of wood when you need it...

Been using 'outlook' since it came out, and as mouse said, w/o the preview never had a prob...I do keep it patched (updated) though ...to the point that it won't even let me d/l some files that get sent to me by friends/customers .

since '81 using PC's and have yet to install a 'antvirus' program (btw, hate 'home security system too ) - then again, I don't have a 'Captain Kirk' attitude when it comes to surfing the net either

I do get 25-35 'spams' daily though and wish there was a way to stop that - answering back to be 'removed' has only increased it - so I just 'delete' every morning while enjoying my coffee....

Windplume
Pleb
posted 03-31-02 15:27 ET (US)     10 / 46       
Good stuff Zen. Couple things though for everyone:

IM software is fairly safe as software goes. ICQ, Yahoo, and MSN messengers are all fairly buggy and have holes, but AIM and Trillian are okay.

slashdot rocks

Locking your kids out of the computer or the internet is stupid. If you can't trust them with a computer, why turst them with anything else. Plus, programs like NetNanny suck, and are really easy to remove.

Watch out for ZoneAlarm. I had serious problems with uninstalling it (it left all registry hooks in and killed some dll's and vxd's). Try Tiny or ConSeal. Also, stay away from BlackICE, it sucks.

Hotmail is a good thing. I get like 250-300 spam mails a week on it. Use the "Send mail from anyone not in my Address Book to the Junk Mail Folder" Filter.
Angel Draco
HG Lawgiver
posted 04-02-02 12:22 ET (US)     11 / 46       
Great post Zen! And some of the other utilities recommended in subsequent posts are excellent as well! I plan to find that "Super Rabbit" registry cleaner Mouse mentioned.

You're not kidding when you say disk defrag takes a looooong time on drives larger than 8MB. It think it took my 20 Gig HD nearly 5 hours to defrag.

Mouse, can you tell me a bit more about partitioning large HDs to smaller sizes around 10 Gig or so? Why is it bad to not partition, say, a 40 gig HD?

mouse
HG Alumnus
posted 04-02-02 12:44 ET (US)     12 / 46       
Ahhhhh AD my favorite hobby horse If you have a large hard drive such 40gb the seek time (amount of time to find file information) is really long If that same drive is partitioned into partitions of say 10gb your seek time is much shorter Defragging and scan disking takes a very long time on a 40gb drive. There is more and worse file fragmenting with an unpartitioned drive Windows will fling bits and scraps of files to the far corners of the 40 gb drive

My recommendation for a 40gb drive is that the first partition should be no more than 8gb with the operating system installed The second partition should be about 1.5 gb and the swap file should be moved there and set with the minimum set to 600mb The balance of the space can be split into partitions of up to 10 gbs These type of partition sizes allow for small cluster size thus less wasted space on the drive The only reason to have a partition larger than 10gb is if you do video editing since it needs more room to handle the images

More than you ever wanted to know about partitioning IMHO the only program to use is Powerquest Partition Magic as it's easy to use even for a novice

Duan Xuan
Pleb
posted 04-03-02 04:11 ET (US)     13 / 46       

Quote:

If you want to be safe using Outlook/Outlook Express then turn off the preview feature.

Thank you Mouse. But how do I do this?


D XUAN
PtaW
Pleb
posted 04-07-02 05:36 ET (US)     14 / 46       
Hi, all.

DX, go to View/Layout, and there you can uncheck the 'show preview pane' box in the Preview Pane section.

Duan Xuan
Pleb
posted 04-08-02 09:35 ET (US)     15 / 46       
I unchecked the 'use preview pane' checkbox but not the one saying 'show preview pane Header'. Is that right?

D XUAN
PtaW
Pleb
posted 04-08-02 10:43 ET (US)     16 / 46       
You've got it, DX!

The "show preview pane header" checkbox only applies when the preview pane is active - as the name suggests, it gives the messages a little header when they show in the preview pane. You'll notice that when you uncheck the "use (or show) preview pane" checkbox, the "show preview pane header" checkbox becomes ghosted.

Hope that helps! (all these boxes )

Duan Xuan
Pleb
posted 04-09-02 04:10 ET (US)     17 / 46       
Thank you, PtaW. But how am I going to view attachments without opening up the mail? Isn't that the same when you do so?

D XUAN
PtaW
Pleb
posted 04-09-02 05:59 ET (US)     18 / 46       
Hi again, DX

Well, of course, you would still have to manually open the individual messages and any attachments to view them, but you can choose not to and just delete the message unopened if anything looks suspicious. By having the preview pane off, the message obviously won't be previewed there first, which is where the potential danger would seem to lie. Although I'm no expert, I assume that your pc could be exposed by just previewing an infected message, though mouse (on whose furry feet I do not seek to tread, incidentally - just trying to help out a bit here! ) or one of our other esteemed tech gurus will no doubt be able to explain to you more precisely why it's dangerous.

[This message has been edited by PtaW (edited 04-09-2002 @ 06:03 AM).]

Duan Xuan
Pleb
posted 04-10-02 06:58 ET (US)     19 / 46       
Well, once my cousin sent me a mail and I had preview on. I received this virus and it got me rather scared. So I deleted it. Fortunately it wasn't very serious and I got it repaired. The virus was some lousy one called Kakworm or something like that.

But now I'm getting used to without the previewing pane.


D XUAN
mouse
HG Alumnus
posted 04-10-02 09:22 ET (US)     20 / 46       
Not too worry about my furry feet I'm good at keeping them out of the way All help is welcome since I don't use OE only know in the most general way how things work
PtaW
Pleb
posted 04-10-02 11:20 ET (US)     21 / 46       
Thanks, mouse
(pitter-patter of mousey feet in the background)

Good, DX, keep clear of these nasty viruses!

mouse
HG Alumnus
posted 04-10-02 14:56 ET (US)     22 / 46       
rofl lol
Duan Xuan
Pleb
posted 04-11-02 09:35 ET (US)     23 / 46       
I've got a question about signs of being hacked. What are the tell-tale signs of 'forced entry'?

I'm getting worried since recently I get lots of problems about server connections and nasty blue screens. And then before that I got this Kakworm virus. However, NAV told me that it wasn't a Trojan virus so these problems don't really make sense to me.


D XUAN
Windplume
Pleb
posted 04-11-02 15:58 ET (US)     24 / 46       
Tell-tale signs are trojan executables or other trojan related files.

Also, blue screens and connection problems can be caused by windows sucking.

Duan Xuan
Pleb
posted 04-12-02 06:58 ET (US)     25 / 46       
I've scanned and not trojan viruses were found.

Windplume, thanks. But I'm using Win98, how could it suck?


D XUAN
« Previous Page  1 2  Next Page »
You must be logged in to post messages.
Please login or register

Hop to:    

Caesar IV Heaven | HeavenGames