Security Demystified: How to Best Protect Yourself Online
var name = "tanvir900";
var domain = "yahoo.com";
document.write('<a href=\"mailto:' + name + '@' + domain + '\">');
document.write(name + '@' + domain + '</a>');
Many a times I hear people asking about their personal computer
security; what tools to use, what to do and what not to do. You
have to understand that security is more about people and less about
tools and machines. 80% of security flaws, penetration and breaches
occur not because cheap machines are involved but because there
are people who are green in handling these machines.
This article will guide you through some of the basic steps that
will help you better secure your system:
Do not open any email attachment that you receive from anyone
without checking first - not even from your closest friends. If
you really have to open an attachment even from any trusted source
then query that source about if he/ she was supposed to send you
this attachment. If you get positive response from the source/
sender then and only then open an attachment. Otherwise don't.
It is a best practice not to open any attachment with extensions
like: exe, vbs, scr, bat, com etc. even if you receive them from
your trusted source.
If someone has to send you a doc file tell them to convert
it into *.rtf or *.txt format and then send. In MS Word you
can do this by going to File Save As and choosing RTF from the
drop down box named Save As Type. But the downside of changing
format is that you can lose a lot of formatting and embedded object
data, so documents from power users will sometimes suffer missing
If you must open any doc extension files, you can first use
one of those doc file readers available free on the net. You
can download a MS Word Viewer free from Microsofts site
Alternatively, you could convert the extension of the file (doc)
to text (txt) and then open it with your text editor and see what
the file is all about.
If you do decide to open it as a doc file in MS Word, first
go to Tools > Macro > Security and make sure you have set
the the security level to HIGH. This disables macros, which
may carry viruses and Trojans.
Through news groups many times you will get links to different
sites. DO NOT click on those URLs unless you are totally sure
about what they are all about. Those sites are often ruled
by warez kiddies and they will inject trojans in your pc or take
total control over your pc as soon as you log on to those sites.
In your email client turn off the 'receiving HTML mails' option.
Avoid receiving HTML mails as if at all possible. In Eudora (free
click Tools --> Options --> Viewing mail, and make sure
you do *not* have a check mark next to "Allow executables
in HTML content.") And avoid using MS Outlook Express as
it has a long history of automatically installing viruses and
Trojans on your computer even if you don't open infected emails.
Also avoid Outlook (not express) prior to Windows 2000. Outlook
XP seems to have okay security overall, but still fails because
of its reliance on Internet Explorer - which has a lot of flaws.
Outlook and Outlook Express are the prime targets of virus writers
becasue of their massive use. These programs will also cause you
extra headaches becasue you have to often update them with security
patches and whatnot. All the virii that we have seen lately attack
MS Outlook Express. There are better substitutes for it such as
For 24/7 security you can use an antivirus program that
will scan emails for malware, scan sites before you connect to
them and provide real time scanning. I know of at least one that
does all these - Trend Micro
PcCillin. You can also use AVG
AntiVirus; its free for home users and seems to work
Do not give out your information on the net. While surfing
the web you will see that there are sites that will ask for your
personal information. The first question you should ask is - "Can
I lie to them and still get the thing I want?" If yes, please
lie, fake your personal information. Do not give information about
yourself and hide out information about yourself as long as you
Avoid using Internet Explorer (IE) if possible. You can
use one of the best browsers around: Mozilla
Disable JAVA and Active X. To do this under MS IE, move
your default-browsing zone to High security in Tools-Internet
Options. This switches off 90% of MSIE exploits. You don't have
to enter the sites that don't let you enter without Java and Active
X enabled. Know how to read cookies and take a close look at them.
Use software like cookie crusher and every time you log online
crush all your previously received cookies. If you have to use
IE then make sure that you run Windows Update at least once a
Use at least one personal firewall software. Zone
Alarm (ZA) is a good one but others are available and new
ones are coming up everyday. Use at least one Intrusion Detection
Zone is a good one that is compatible with ZA.
Now, lets see what ports are open in your system. Type
netstat -an from your command prompt to see which ports are open
in your system both on and off - line. Try to get information
on every port about what they do by searching the net. If you
get ports like 31337 open and listening then you are in real danger.
So try to control ports that are open and make sure that you know
their functions. Also, in Windows close all ports from 137 to
139; that is, disable anything regarding NetBIOS file sharing.
Beware when using chat programs like IRC, ICQ, Yahoo!,
etc etc. What happens is that when you use these to chat with
your friends there is a peer-to-peer connection occurs between
you and your friend. That is, your IP address is exposed leaving
room for the other person to scan your computer looking for ways
to break in. For this, if you must use those chat tools then go
through a proxy. This will at least help you to hide your real
One choice is to use MSN Messenger. In messenger you are
connecting through the MSN Server. So, your real IP is not shown.
But if you transfer files then it established a peer-to-peer connection
and your IP is exposed to your friend.
You <------------> MSN Messenger Server <------------->
You <----------> Your Friend.
But whoever gives you this 'server-in-the-middle' technology
like MSN, you should finger (port 79) their server to see if finger
option is enabled and whether it gives away your personal information.
But never accept any files through MSN Messenger from anyone
unless you are absolutely certian who they are. There is at
least one MSN Messenger worm on the loose. For better safety you
can use the MSN Messenger PGP-Plugin. The URL is: http://www.commandcode.com/index_flash.html
Use PGP encryption whenever you odn't wnat anyone snooping on
your message. For more information regarding PGP and cryptography
go to: www.pgpi.org.
They have got some of the finest papers written on PGP that comes
along with the software PGP itself.
Upgrade your Antinvirus protection regularly. Six-month-old
signature files wont guarantee you a virus free pc. You
always have to upgrade your AVP. For best results upgrade your
signature every week for new variants are coming out everyday.
Also avoid booting from floppies. Go to your computer's BIOS (hit
the delete key while booting up , before your operating system
starts loading) to disable booting from floppy. This will prevent
boot-sector viruses from attacking your pc.
Set Explorer to show file extensions. For this go to Windows
Explorer/ My Computers > Tools > Folder Options > View
(tab) > and uncheck the Hide File Extension For Known
File Type box. This will help you to avoid clicking on hoaxes.
For example, a file viewed with the hide known extensions option
may look like "harmlessfile.doc". But with this option
disabled, it will show the extension, which may reveal that this
file is actually "harmlessfile.doc.exe".
In the above text I have tried to cover some generic information
regarding how-to secure your system. There are some other areas
I have not covered like: physical network security, operating
system specific security, mainly Linux and W2K. To best secure
your system you should know the operating system you are using
like the back of your hand. But I hope this tutorial will help
you starting up from ground zero.