Alan
E. Mann, AG
alan.familyhistory@gmail.com
Accredited
Genealogist
Keeping
Your PC Safe
From
Viruses, Hackers, Spoofers, and Identity Thieves
This
session deals only with Windows computers and the bad stuff that can happen to
you or your computer. Most of this discussion will focus on Windows XP, but
applies to most others Windows OS’s. If you use an
older version of Windows, consider upgrading to at least XP. First, some
definitions courtesy of wikipedia.org:
Virus:
a self-replicating program
that spreads by inserting copies of itself into other programs or documents.
While viruses can be intentionally destructive (for example, by destroying
data), many other viruses are fairly benign or merely annoying. However, the
predominant negative effect of viruses is their uncontrolled self-reproduction,
which wastes or overwhelms computer resources. Anti-Virus software was
originally designed to protect computers from viruses, has in turn expanded to
cover worms and other threats.
Phishing
(also known as spoofing): the act of attempting
to fraudulently acquire sensitive information, such as passwords and credit card
details, by masquerading as a trustworthy person or business with a real need
for such information in a seemingly official electronic notification or message
(most often an email, or an instant message). (See an example.)
The term phishing comes from the fact that Internet
scammers are using increasingly sophisticated lures as they "fish"
for users' financial information and password data.
Pharming:
an attack in which a user can be fooled into entering
sensitive data such as a password or credit card number into a malicious web
site that impersonates a legitimate web site. It is different than phishing in that the attacker does not have to
rely on having the user click a link in an email to deceive the user-- even if
the user correctly enters a URL (web address) into a browser's address bar, the
attacker can still redirect the user to a malicious web site.
Hacker:
one who subverts computer security without authorization
or indeed, anyone who has been accused of using technology (a computer or the
Internet) for terrorism, vandalism, credit card fraud, identity theft,
intellectual property theft, and many other forms of crime. This can mean
taking control of a remote computer through a network, or software cracking. This is the pejorative sense
of hacker, also called cracker or black-hat hacker or simply
"criminal" in order to prevent ambiguity.
Adware: any computer program or software package in which
advertisements or other marketing material are included with or automatically loaded
by the software and displayed or played back after installation or in which
information about the computer or its users is uploaded automatically when the
user has not requested it.
Spyware:
a program that
includes code that tracks a user's personal information and passes it on to
third parties, without the user's knowledge or consent. The line between adware and spyware is fuzzy when
the adware behaves as spyware,
but the “user consent” is buried in a user license agreement which most users
never read.
How do I protect
myself from this “Bad Stuff”?
You get protection in the form of
software and you “practice safe computing”
Protection software
includes, Antivirus software, spyware protection
(usually covers adware), and firewall protection. A
package which tries to do all of these things may be called a protection
suite of programs.
Virus protection software: our computers need to be protected from malware infection. Potential sources for infection include
diskettes (from clients, fellow researchers, potential relatives…), CD-ROMs,
flash drives, the Internet, and networks (particularly
wireless). McAfee and Norton are the leaders in virus protection, and Microsoft
Live One Care is new, but a free alternative is AVG AntiVirus
(free.grisoft.com).
Useful links:
Symantec
Antivirus Research Center www.symantec.com/avcenter/
DataFellows
Virus Information Center www.datafellows.com/vir-info/
Reviews of Anti-virus software http://antivirus-software.6starreviews.com/
Virus
Bulletin Home Page www.virusbtn.com/
NIST
Virus Information Page http://csrc.nist.gov/virus/
McAfee Virus
Pages www.mcafee.com/
Sophos Virus Information
www.sophos.com/virusinfo/
Unfortunately, your virus education isn’t complete
until you know about hoaxes. Many good intentioned emailers
forward messages about a terrible threat on to their acquaintances. In a short
time, millions of messages are being forwarded around about a virus that never
existed. Check out virus reports at www.vmyths.com/,
http://hoaxbusters.ciac.org/
or at http://kumite.com/myths/
before passing them on.
Spyware protection software. There are many, but the most popular is Spybot,
available free at www.majorgeeks.com/download2471.html.
However, Spybot can miss some types of spyware. I suggest you use the free scan available at http://pestpatrol.com/prescan.htm
to see if Spybot missed anything. This scan is free,
but you have to buy the product to have it remove any “pests” that it finds.
Security/Firewall protection
software. A computer
firewall refers to a piece of hardware or software which prevents undesired
transfers of information or other communications forbidden by your policy. It
has the basic task of preventing intrusion from a connected network device into
other networked devices. It is needed if you connect your computer to any type
of network, including wireless networks (business, home, school, library, or ?) and the Internet. When you connect to a network, other
computers on that network may be able to steal information from your computer,
put viruses on your computer, or use your computer to commit an illegal act
which could be traced back to your computer. A firewall is an attempt to block
these attempts. Connecting to the Internet or any network without firewall
protection is asking for serious trouble! Windows XP comes with a basic
firewall, but a more robust firewall is advisable. To check your computer for
security vulnerabilities, use Nessus 3, available
free at www.nessus.org/download/nessus_download.php.
Practice safe computing.
Use common sense. Don’t open
an email attachment if you don’t know the sender. Don’t click on links that say
“click here to verify your bank account.” Don’t respond to email messages that
ask you to give a password or verify your Social Security number. If you
receive a message that claims to be from your bank asking you to verify
something, CALL them.
Operating System (OS) updates – occasionally, Microsoft releases updates that correct problems with
their OS. More frequently, Microsoft releases “patches” that close loopholes (vulnerabilities)
that hackers use to cause problems. No matter what OS you use, you should
download updates! When patches and updates since the original release of the OS
are numerous, Microsoft will release a Service Pack. A service pack is just the
combination of all the patches and updates since the OS was first released. A
second service pack will only contain the patches and updates since the
previous service pack.
Use Firefox or Opera – use a less security-flawed web browser. Firefox
is a smash hit. In the fourth quarter of 2004 alone, 5% of Internet Explorer
users switched to Firefox. Maximum PC says using Firefox is the
number 1 strategy to protect a PC.
Make regular backups and store one backup offsite (on the Internet or at work?). Update the
offsite backup often—ask yourself how much data can I afford to lose?
Learn more about your system--how to configure, improve, & troubleshoot. Use:
§
www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/app_taskman.mspx
§ Google and wikipedia.
Getting more from what we have
Right now, most of us use Windows. There will be a shift to Linux or
other “open source” software soon. There are several Windows concepts that are
important:
· 
Windows Explorer ( E) – Use it;
folder options & file associations.
· Windows Task Manager varies according to which OS you’re using. I recommend XP. The task
manager has four tabs—applications, processes, performance, and networking.
There is a lot of information available in these four panels. Watching the data
on the performance panel can help diagnose or prevent problems.
· System tray and startup. The task bar at the bottom of the screen has a notification area
(formerly called system tray). Every icon in that area represents a process that
is using your computer’s resources. Know what each icon is. Close unnecessary
processes to conserve resources and make your system run faster. When you
reboot, they may come back. To permanently remove them, use www.windowsstartup.com, a
utility that tells you what each process does and whether it is safe to remove
it, then will remove it at your request. For processes that are running but not
listed at WindowsStartup, see www.answersthatwork.com/Tasklist_pages/tasklist.htm.
· Be careful using flash drives (pen drives, key drives, jump drives or a
variety of other names) for sending/receiving/carrying data. Use the “unplug” icon in the
notification area to stop flash drives before removing them. Failure to do so
may result in loss of all data on the drive. The U3 drive has two drive
letters— only one will allow you to save. New, less expensive, search for Avixe at www.newegg.com.
· If you want to use wireless networking, be aware that anyone with a
wireless computer near your home can see the files on your computer. You need to launch the startup instructions
for your wireless in your web browser and set a WEP key (Wireless Equivalent
Privacy). For complete information on what all this
means and how wireless works, see http://computer.howstuffworks.com/wireless-network.htm.
|
|
©Copyright 2004-7 by Alan E. Mann. All rights reserved. Written permission to reproduce all or part
of this syllabus material in any format, including photocopying, data retrieval
or the Internet, must be secured in advance from the copyright holder.