the world in a mouse click (sm)

Internet Security

Please see copyright information for this document

Email attachments
PPS files (PowerPoint presentation files)
Chain letters
Pirated software
Control who installs a piece of software on your machine
P2P (Point-to-Point) sharing software (Kazaa, Bearshare, Morpheus, Gnutella, Bittorrent)
Web surfing in a pop-up infested web
Anti-virus
Firewall
Spam

Email attachments Top

The main entry point of viruses these days is through email – so the biggest rule you need to follow is to NEVER open an attachment that you receive in an email if it is not legitimate. If you are not sure of its legitimacy, contact verbally, the person who sent it and ask them if they actually sent you the file.

For instance, if you go into Outlook or Outlook Express and find an email with an attachment from an unknown person or even a known person that looks strange or fishy…

Fishy E-mail

Do not open the attachment! Delete it and empty your deleted items folder in Outlook or Outlook Express.

Even if it comes from an “official-sounding” company or even a person in your address book, don’t. Call them, or send them an email asking them if it is legit. Being suspicious of attachments will save you from having your computer scrapped by an errant virus.

Even if you have an anti-virus program – do not trust it entirely. Some viruses can propagate before anti-virus companies have had the time to update their anti-virus definition files. During that period of time where the virus is first released “in the wild” and the update comes in on your computer, your machine is vulnerable.

PPS files (PowerPoint presentation files) Top

One special class of emails we get all the time are PPS “stories” or “jokes” from friends, family and other people who know us. It is important to note that PPS files can be used to run arbitrary code (ie: worms & viruses). Even if they are often used to make very nice presentations or stories -- if you get a story in PPS form from a friend or family, ask them if it is legitimate.

Chain letters Top

Chain letters are those stories that claim you will receive wealth, love, happiness, etc. if you send a copy of the letter to at least X number of people. Furthermore, if you don't, something bad will happen to you. One piece of advice: do not send them. They are annoying and a waste of time, the only thing bad that will happen to you is the worry you’re going to have for NOT sending it. It is all superstitious hogwash. Save the net a few precious bytes of bandwidth and just trash those messages.

Pirated software Top

Pirated software can often be infected. If a piece of software is worth having, pay for it. Get the original. Don't forget that real people have spent a lot of time and money writing the software that you use. They deserve to be compensated for their work and effort. If you cannot afford a piece of software – try getting an alternative that is less expensive.

Control who installs a piece of software on your machine Top

If a child comes home with a CD from school for a piece of software they want to install, put the CD in the machine during boot up so that it doesn’t execute the “autorun”. When the computer is up and running, you will have time to run a virus scan on it first. If it’s okay (assuming your virus scanner is not expired), then it’s pretty safe to install the program.

If you use Windows 2000 or XP, only the Administrator account (or equivalent others) may install software. If more than one person uses the same computer, it is wise to set up the additional users as limited accounts in Control Panel. This will allow that person to use the computer but not install software.

P2P (Point-to-Point) sharing software (Kazaa, Bearshare, Morpheus, Gnutella, Bittorrent) Top

These pieces of software let you share files over the net with perfect strangers. You can find (yes, pirated) music, movies and other assorted files from all over the planet. These pieces of software in some cases, when installed, will let others access parts of your hard-drive for file sharing purposes. Make sure you disable the upload side of the software if you do not want to expose your computer to strangers.

Stealing music is illegal and many people have been sued for such acts. You can, however, legally download music from services such as Apple's iTunes music store for $0.99 per song or $9.99 per album.

Web surfing in a pop-up infested web Top

Many websites will pop open extra windows when you browse and ask you if you want to install something on your computer:

Gator Warning

One word: DON’T! Most of these “freebies” are spyware used to collect information about you, your network usage, and can even insert buggy code that could eventually lead to the failure of your software or operating system. Not only do they violate your privacy, but it also slows down your machine. Finally, the email addresses they collect usually wind up on lists that get sold to spammers.

These type of windows are sometimes tricky because popup blockers do not stop them, and they may continuously appear if you click no. Keep clicking No! It will eventually go away. You may also receieve pop-up windows from web sites that do not look like the above image. Install a pop-up blocker if you want to avoid these things. Google, for instance, provides a built-in pop-up blocker with their toolbar:

Google Toolbar

Get a spyware remover like LavaSoft AdAware. Make sure you keep it up-to-date and use it regularly to scan your computer. If there are programs/bugs/etc. found, quarantine them, then go back and delete them (you may have to rescan in order to do this). Some programs you use may need these to operate. If you find later (after using different programs on your computer) that those files are actually not needed, it is safe to delete at that time.

Google Toolbar
LavaSoft AdAware
Spybot Search and Destroy

Anti-virus Top

As said in the Email section, many viruses propagate via email – aside from using your own judgement, the best protection against viruses is good anti-virus software. There are several packages available on the market; the most popular ones are made by Symantec and McAfee. Both provide protection against email-borne viruses and will also protect against worms & viruses that propagate through other vulnerabilities in Windows.

Usually, both anti-virus programs will warn you when your yearly subscription is about to expire. PAY ATTENTION. If it tells you it’s about to expire, do something about it! The $10 or $15 it will cost you to renew for a year will save you the equivalent of hundreds of dollars worth of heartache later on if you ever need to restore a machine that’s become useless because of a virus infection.

Grisoft also makes an anti-virus program, AVG Anti-Virus. This program is free for individual use, with free updates. The free version does not allow you to perform custom scans (it will scan the entire drive) and other tasks, but works just as well as the paid version.

Symantec
McAfee
Grisoft

Firewall Top

Most Windows machines are vulnerable to several forms of attacks. The best way to block these attacks is to get a good software or hardware firewall. Symantec, McAfee and Zone Labs make excellent software firewalls.

Computers with an "always on" connection (such as DSL) are more vulnerable because the attacker is able to try different intrusion possibilities over a period of time. The best defense though is a DSL router that you have between your DSL modem and your computer(s). Since these routers do “NAT” (Network Address Translation), they will hide your IP address from the outside world and generally block any unauthorized inbound accesses to any ports, thus protecting your computers from potential threats. Linksys & Netgear make very nice products that act both as Routers & Firewalls and cost less than $100, with the added bonus of sharing your high-speed internet connection between multiple computers as well.

Note: the current DSL modems provided by Eastex Net are routers, therefore an additional router is not necessary. Older modems that Eastex Net has discontinued to offer like the Creative USB and 3Com HomeConnect are not routers.

Symantec Firewall
McAfee Firewall
Zonelabs ZoneAlarm
Linksys Routers
Netgear Routers

Spam Top

Spam are those bulk email advertisings you get in your mailbox that you don’t want and have never asked for. If you’ve asked yourself how they have learned about your email addresse’s existance, here’s how they do it:

  1. They get them from websites you may have left your email address on.
  2. They get them from businesses who sell your email address for profit.
  3. They get them through “dictionary attacks” against email servers trying to guess at email accounts.
  4. They get them if you answer their emails or visit the websites they push for.
  5. They get them if you post publically to “usenet” and other public lists (web-boards for instance).

The rules to keep your Email relatively spam-free are the following:

  1. Never reply to a spam – it just confirms you exist
  2. Never click the Unsubscribe link – it just confirms you exist
  3. Never leave your email address on a website
  4. If you must leave an email address, use a throw-away email address like a Hotmail or Yahoo email account. Your private email address that you have with your ISP should only be used between friends, family, and coworkers.
  5. If you can, subscribe to an email provider or Internet Service Provider that offers an antispam filtering service or get your own antispam software.

Copyright Information

This document has been modified by permission to conform to Eastex Net specification. All content is Copyright 2004 Yves Lacombe.

More information and tips can be found in his original document.