(Computer) SECURITY RECOMMENDATIONS - David Woodsmall

Complete Guides, Recommendations, HowTos, & Advice on Defending Your Computer

5/08/2008 - Optimized for Firefox 2.0.0.14

COPYRIGHT 1992 thru 2008 - David R. Woodsmall

Use at your own risk - I'm trying to help

Feel free to link to any of my pages

COMPLETE COMPUTER SECURITY INFORMATION
 Virus Info Computer infected??? Bugs/Recalls/Scams/Warnings

INFO JUMP TABLE

MUST DOs | Bugs / Recalls / Scams / Warnings | Codewords | Data Security | Disguise your Email address | Email | Firewalls | Instant Messengers | I USE THESE ITEMS FOR PROTECTION - THIS IS OVERKILL | MUST DOs | Malware / Spyware Checkers | Passwords | Password Safes, Encrypted | Picture Software - free | Plain Text | Ports | Preview Pane | REFERENCES | Registry Fixes / Problems | Resources, other, Related | Security Information - Complete | SHOULD DOs - more technical | SPAM Information | Suggestions | Telephone Security, Portables | TeleMarketers - Block Them | Updates | Viewers - free Microsoft | Virus Checkers | Virus Information - Complete | What to do if you suspect you have virus or malware problems | WHERE is this IP address located and who owns it Windows TIPS | UPDATING WINDOWS Wireless Security |

RECOMMENDATIONS - MUST DOs

Remember, information about you is on your PC, perhaps even your SS#

PROTECTING YOUR COMPUTER

1) Get & Install the latest Microsoft Windows security updates. This can be done automatically in lots of versions of Windows. OR Recent versions of Microsoft's Internet Explorer have a pull-down to access Your computer, and recommend needed Windows Updates: Select Tools -> Windows Update You will have a chance to decide whether or not to install particular updates. NOTE: Microsoft generally releases updates on the SECOND TUESDAY of the MONTH. Other Operating systems are also under virus attack - check for security updates. Click here for Linux virus information 2) Make your file extensions visible: Open Windows Explorer or any folder window and click: Tools->Folder Options->View Ensure that the option Hide file extensions for known file types is UNchecked. Files that are executable (such as .com, .cmd .exe,...) are more dangerous than others. Click here for more information 3) Avoid using any Instant Messages - or at least buy Norton's 2003 (or later) NAV (NOT 2003 virus-signatures for 2002 NAV - only 2003 [and later] NAV checks IMs). Most reliable virus checkers now check Instant Emails, but do they check the IM that you use? Click here for more information on IM problems 4) Shutdown (turn off) the Java Console (even recommended by Microsoft) 5) Microsoft says TURN OFF JAVASCRIPT if you are running Internet Explorer. This may cause some websites to not run correctly. 6) Check for Security updates for any software that you are running. Almost all software has had security problems which can allow identity theft or other destruction. Click here for some sites that cover these security breaches Click here for more information on IDENTITY THEFT

PASSWORDS

7) SET YOUR ADMINISTATOR PASSORD (ensure that you remember it!) 8) Do not pick simple passwords - combine upper case lower case and symbols. 9) Make passwords at least 10 characters in length 10) Do not use birthdates, names of relatives or pets as part of your password. 11) Do not use words found in a dictionary as passwords nor as part of passwords. 12) I'll soon have a list, here, of easily cracked passwords See also Encrypted Password "Safes" - Click here

EMAIL

13) Do NOT open/read/view Email from unknown persons. 14) Do NOT open attachments that you are not expecting. NOTE: There are now viruses that transmit themselves withOUT attachments. 15) Consider using an agreed-upon codeword in your emails that send attachments to people with whom you exchange attachments. The codeword SHOULD mean that: A) You sent the attachment, not a virus B) That you checked your system and it is virus-free I use "PACKRAT" as my codeword. Other people are using my idea, and using their three Initials as their codeword. 16) If possible, Close your Email Preview Pane (window). (some viruses can be launched from the preview pane, without your opening the Email itself): In Microsoft Outlook 2003, click view and make sure AutoPreview is UNselected. In Mozilla Thunderbird, click view -> Layout and confirm that Message pane is UNchecked. Pressing F8 toggles the preview pane on or off. In Outlook Express 6, click view -> Layout and ensure that Show preview pane is UNchecked. 17) Optionally, Read your email in plain text (not HTML), as some malware uses HTML. Note that by not using HTML, any interesting effects created by HTML will not be observed. In Outlook 2003, click Tools -> Options -> Preferences -> Email Options and check Read all standard mail in plain text. 18) Optionally, consider using a non-Microsoft Email program, such as Mozilla's free Thunderbird, or Opera. There are a lot of viruses written specifically for Microsoft's Outlook, Outlook Express and their Address Books. NOTE: Thunderbird 2.0.0.14 is out. NOTE2: Mozilla is donating Thunderbird to the public (making it open-source) - at some point in time, Mozilla will stop supporting Thunderbird (9/2007). Find the Best Email Software and Services - About.com 19) Optionally, consider disguising your Email address to confuse Email address gathering bots, or use throw-away wmail addresses. Click here for more information

ANTI-VIRUS - Use Virus Protection

20) Always run a well-reviewed VIRUS Checker Set it up to automatically get updates whenever you power up. I always check for updates before checking Email or Browsing I strongly suggest changing the scan option to scan ALL File types. The Importance of Protecting Your PC from Viruses and Spam (SCROLL DOWN) How Do I Know When a Virus Hits My Computer? Viruses and Malware have been found in JPGs, PDFs, Word documents, Bluetooth Phones, etc. COMPLETE LIST OF FILE SUFFIXES TO CHECK FOR VIRUSES 64-Bit Anti-Virus Programs (AMD64 / EM64T / x86_AMD) LINUX Virus Checkers On-line Virus Checkers

ANTI-MALWARE/SPYWARE PROGRAMS - Use Malware/Spyware Protection

RUN SEVERAL AdWare/Malware/Spyware DETECTORS. 21) Install and run the (so far) free Microsoft Windows AntiSpyware program. The Spyware portion is supposed to be free. 22) Install and run the (so far) free Microsoft Windows Malicious Software Removal Tool (KB890830) - XP, WIN2K & WIN2003 ONLY. Windows Malicious Software Removal Tool - March 13, 2007 (KB890830) Version 1.27 (seems to be updated monthly, but has no update 'button") 23) Run the free ADAWARE to find spywhere, often Download the new/free AdAware SE Ver 1.06r1 Definitions file: SE1R148 04.02.2007 24) Occasionally run the free SPYBOT Search & Destroy - finds more spyware Spybot Search & Destroy Version 1.4 is out. 25) Run a "Windows Washer" program to remove temporary files, etc. I am currently using Webroot's Window Washer. 26) I have now added the free BHOdemon2 - which tracks/removes Browser Helper Files - files that are plugged into Internet Explorer and may be Good or BAD. BHOdemon2 can tell you about most BHO, including whether or not they are Spyware. Version 2.0.0.23 is the current version. UNFORTUNATELY, BHOdemon2 is no longer being updated - guy had a housefire. Click here for more information about BHOs A) I also occasionally use the free CWShredder - a CoolWebSearch Trojan Remover. Version 2.19 is the latest. B) If all else fails, purchase the highly rated Spy Sweeper, $30/yr, $ 40/2 years. Version: 5.5.7 (build 124) is the latest. C) I am also using, purchase SpyWare Doctor - $30 Version 5.0 They offer a free scan, but charge the $30/yr if you want to remove the pests. Click here for more information on Malware

DISCONNECT FROM THE INTERNET WHEN NOT USING IT

27) If your cable modem has a switch that disconnects the modem from the Internet (your ISP), consider disconnecting from the Internet when you are not actually using the Internet (I do this). This prevents attacks on your computer when you are not using it. Newer (post 2003?) Motorola cable modems have this disconnect switch.

FIREWALLS

28) Always run the free ZONEALARM software firewall The one real advantage of a Software Firewall, such as Zone Alarm, is that it can prevent Malware on YOUR computer from sending your private information OUT to the bad Guys - A harware firewall, while necessary, can not prevent Malware on your infected computer from sending your private information (bank acoounts, Social Security number, Passwords, etc.) to the Bad Guys, to be used to wipe out your bank accounts or steal your identitiy. The free version 6.1.744.001 is now available. There are other brands, but this is my personal favorite. Zone Alarm Pro, version 7.0.462.000 is available seems to work OK (I use it). Click here for more information about Firewalls Click here for more information about Software Firewalls 29) Check to see that your computer ports are closed (against hackers) Your computer has thousands of "ports" that can be used be programs accessing the Internet. Few of these ports need to be "open" (available for use by programs). An open Port can be used by malicious software to gain access to your computer and/or information on your computer. A lot of valuable-to-hackers information is stored in temporary files on your computer - files that you do not even know exist. These open ports can be accessed by Malware both on your computer, and not on your computer (on the Internet). Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton (Symantec) and other companies make similar products. The Windows (DOS) command: netstat -an will list all your open ports. (Start->Run->then type "CMD" and press enter. Then enter the command: netstat -an. For a list of netstat options, enter the DOS command: netstat /? Batten Down Those Ports Symantec Security Check Click here for more information about computer ports 30) I also suggest a hardware firewall (check with BestBuy, or a similar place) - Hardware firewalls are often built into Ethernet/cable and DSL routers (you may have one). Preferable get a firewall with either Stateful or Stateful Packet Inspection. Hardware Firewalls are now fairly cheap ($30 - $ 100 - ask at a reputable store, such as CompUSA, Best Buy or Circuit City [among others]). Hardware Firewalls can do a better job of protecting your computer from from incoming attacks, than a software firewall. Click here for more information about Hardware Firewalls Even better, there are now (more expensive) DPI Firewalls.

31) KEYLOGGERS / KEYJACKERS

A Keylogger's main purpose is to capture keystrokes made on your keyboard. Captured keystrokes can yield your login IDs and Passwords. Because the keylogger is programmed to hijack data from the IE "Protected Storage Area," Eckelberry recommends that IE users turn off the browser's "AutoComplete" feature. That can be done by unchecking the pre-checked boxes via Tools > Internet Options > Content. The data stored in that IE feature is very lucrative for identity thieves. The browser's AutoComplete tool is used to store all data entered on HTML forms when purchasing products over the internet or filling out personal information like addresses, phone numbers, and Social Security numbers. It also has a feature that stores usernames and passwords for Web sites that require you to login. One example of this is online banking Web sites that include Web-based mail servers like Hotmail or Gmail, he explained. Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton and other companies make similar products. These products, as far as I know, don't remove keyloggers, just some of the data that keyloggers try to steal. Click here for more information about Keyloggers/Keyjackers 32) ENCRYPTED PASSWORD "SAFES" There is software available to protect your passwords and to provide them to sites without you entering the passwords, preventing keyloggers from capturing your passwords by logging your keystrokes. I do not know how well these programs work, one of them I've recently read about is: RoboForm 6.6 (ENCRYPTED PASSWORD PROTECTION) A friend uses/likes it (it is not free). RoboForm creates complex passwords for you, and keeps them encrypted. RoboForm then supplies the passwords then needed (you don't type them). You can get a printout of your encrypted passwords for a backup. RoboForm review RoboForm download site. COMODO I-Vault - Free Password Management

BROWSING the WEB (Internet)

33) Use Mozilla's Firefox instead of Windows Internet Explorer. (Note that Internet Explorer 7.0 has been released, if you prefer it) Version 2.0.0.13 is now out There are a lot of exploits written to take advantage of the Internet Explorer. NoScript - Version 1.6.4 - Extension for Firefox - YOU NEED THIS PROTECTION NoScript blocks Cross-Site Scripting (XSS) 34) Remove temporary files and addresses of web sites that you have visited, after you are down browsing. Most web browses (Firefox, Internet Explorere,...) have options that allow you to remove all temporary files, buffers and web addresses, automatically when you exit your web browser. Examine your Browser's security options for a means of deleting these potentially dangerous files, A lot of valuable-to-hackers information is stored in temporary files on your computer - files that you do not even know exist. Some commercial software, such as Webroot's Window Washer attempt to remove these dangerous repositories of potential identity theft. Norton and other companies make

35) PHARMING

Pharming - Pharming goes one better than Phishing, so that when a user enters a perfectly legit URL of their choice (like their bank) they are hijacked and taken to the criminals' faked site.

36) PHISHING

Phishing - phishing uses social engineering to convince users to enter personal information onto a faked site that collects the data for the criminals.

37) SPEAR-PHISHING

Spear-Phishing is a variation on phishing that targets employees at specific organizations. Click here for more information on Spear-Phishing

38) POP-UPS - Block them

Shutdown the POP-UPS from Windows Messenger Service If POP-UPS persist, get POP-UP Blocker Software (still shutdown Windows Messenger Service)

OTHER SITES WITH COMPUTER PROTECTION TIPS

R.U.N.S.A.F.E. Ten Commandments of PC Security

WHAT TO DO IF YOU THINK YOU HAVE VIRUS / MALWARE PROBLEMS

How Do I Know When a Virus Hits My Computer? Free malware check - are you Infected or Not? « Computer Helpers ... Are You Infected? Detecting Malware Infection A) Try running all of your anti-virus and anti-Malware programs, if the virus or malware program will let you run them (lots of viruses try to cripple your anti-virus program) ONLINE VIRUS CHECKERS ONLINE MALWARE / SPYWARE CHECKERS nanoScan - online Malware/Virus scanner - recommended by PC Magazine B) I also occasionally use the free CWShredder - a CoolWebSearch Trojan Remover. Version 2.19 is the latest. C) If all else fails, purchase the highly rated Spy Sweeper, $30/yr, $ 40/2 years. D) I am also using, purchase SpyWare Doctor - $30 They offer a free scan, but charge the $30/yr if you want to remove the pests. In my personal opinion, I prefer Spy Sweeper. E) If the Virus will let you, go to a web site that does free virus scanning and fixing online (from their web site). F) If the virus prevents you from accessing anti-virus sites, and has disabled your virus checker, you could (for knowledgable users) boot up a Linux CD with anti-virus programs in it, that run from Linux to check Windows systems. Click here for more information G) use Hijack This to capture data for experts to decipher for you H) What to do if your system is infected - CERT What to do when a virus is found on a computer Dealing with an infected PC - Malware - Microsoft Disinfecting macro viruses - Sophos How to Remove Spyware From Your System - Youri Durmascu Procedures to nurse a sick and quarantined Windows computer back to health BOOT CDs & FLOPPIES I) Check with these free help sites For more information on VIRUSES, Click here For more information on MALWARE, Click here For more information on SPYWARE, Click here For more information on ADware, Click here

SHOULD DOs - More Technical

1) Set your Internet and Intranet trust Levels 2) SPAM filters - you may want to consider them. Spam-Proof Your In-Box 3) Your passwords are probably easily revealed 4) No-Cost Ad Blocking 5) Block Web Ads 6) Read & follow PCworld's 10-step PC Security suggestions 7) Let Windows Handle PC Maintenance for You - schedule tasks 8) What is running on your PC - USE CAUTION IF YOU REMOVE ANYTHING

SUGGESTIONS

Data Security Suggestions

1) Do NOT store your Social Security Number on your computer - it is too easily stolen - nor your bank or sotck account passwords. 2) Remove all Turbo Tax (or whatever you use) information immediately after you are done with it (store it on CD or Floppy disks - somewhere not on your computer) - and avoid going online as much as possible, while this data is on your computer (spyware may steal your data). 3) Never store any of your passwords on the computer (in plain text form [ie, only if encrypted]). 4) Never store your 401K or Bank Account numbers permanently on your computer. 5) To file Identity Theft complaints with the Federal Government. 6) Consider using encryption for valuable data (too much trouble for most of us).

General Suggestions

Don't install Demo programs unless you are really interested - their installation or removal may cause problems

FREE Picture/Graphics/Slide Show Software

Get the Free Graphics/Picture editor/slide shower - IRFANVIEW Irfanview from Tucows JPEGcrop - free Lossless JPEG cropping tool Click here for other great picture viewers/editors

REGISTRY FIXES

It is a good idea to back up your Computer Registry files before making any changes. Windows XP makes a backup everytime that you reboot, so that you have the option of going back. For older versions of Windows, you may need to manually create a registry backup. I am using Registry Mechanic 6.0.0.780 to both create backup copies of my Registry files and and fix Registry problems. NOTE - you can usually find good deals/rebates when buying several Norton products at once. Try One of these sites, including CompUSA. Personally, I do NOT recommend installing Norton's Internet Security - I have heard that it will not allow itself to be un-installed (2004). This is my personal opinion, only. I also prefer ZoneAlarm. 1) I use (Symantec) Norton Utilities WinDoctor to scan for, and fix Registry problems. (Registry problems can cause your system to run slowly, or not run at all). 2) Lately, I bought and use the Highly recommended Registry Mechanic 6.0.0.780 to find and fix Registry problems - it found and fixed several hundred more problems than did my 3 year old copy of WinDoctor.

TELEPHONE SECURITY - PORTABLE PHONES

1) Do NOT use analog portable phones - anyone can eavesdrop. 2) Get only Digital phones that use ENCRYPTION.

TELEMARKETERS - SLOW THEM DOWN

1) Get an UN-listed phone number 2) Get a "TeleZapper" - $50 (I think there are now some for $39) Radio Shack, Best Buy,... sell TeleZappers. A) TeleZappers generate a tone that tells automated calling systems that your phone number is not good. B) Newer automated calling systems supposedly ignore this tone, but TeleZapper works for me. 3) List yourself with the national Do Not Call List NOTE - this is somewhat scarey as: A) It expires in 2008 ? - then "they" have your phone number B) It won't block off-shore telemarketers Do Not Call Registry Violation Complaint - www.donotcall.gov 4) Consider Caller-ID - but why should we need it? 5) Consider blocking incoming calls that do not identify their phone number (I don't know what this costs - requires Caller-ID). Check with your telephone service provider for costs and implementation. 6) The FCC requires phone companies to provide a FREE service whereby you can press a few buttons after receiving a harassing phone call, and the FCC will go after the caller, even removing their phone service. DO NOT BUY CALLERID, which they push, DEMAND THIS SERVICE.

Free Viers for Microsoft products

Office Online File Converters and Viewers

WINDOWS TIPS

Windows Tips

WIRELESS SECURITY

1) Always use Encryption, preferably WPA2 A) WAP - Click here for more WAP info A) WEP - Click here for more WEP info B) WPA - Click here for more WPA info C) WPA2 - WPA2 (WPA2) so far (9/2006) is the strongest wireless encryption publicly available. Use WPA2 if at all possible. 2) Always use MAC addresses to block unknown users (set your hardware to only accept connections from known hardware MAC addresses). Because too many people know the defaults and too many users never change the defaults: 3) Always change the Router/Access point/Switch/Hub's login name of the Administrator account 4) Always change the Router/Access point/Switch/Hub's Administrator's password 5) Always change the Network Name (often called the SSID) Click here for more information on Wireless Security

I USE THESE FOR COMPUTER PROTECTION

This is definitely overkill - you do not need all of these

A Hardware Firewall/Switch/Cable Modem (DLink's Gigibit DGL-4100) ZoneAlarm Pro - YOU probably just want the free ZoneAlarm personal version Symantec's Norton's Anti-virus (NAV) 2006 Webroot's Spy Sweeper 5.5.7 (build 122) - $30/yr 0r $39/2 years Spyware Doctor version 4.0.0.2618 - $30 Spybot Search & Destory 1.4 (free) Ad-Aware SE 1.06r1 personal OR Ad-Aware SE PLUS ($27) BHODemon 2.0.0.23 - now not supported, due to a house fire Webroot's Window Washer 6.5.0.1096 Microsoft's Defender 2.0 Beta Microsoft's Malware Removal Tool I occasionally run Trend Micro's FREE CWShredder I always install all Windows XP & Microsoft software updates as soon as they are released. Note that Microsoft releases Windows updates on the Second Tuesday of each Month. Occasionally, there will be an emergency release on other days. For really stubborn (FREE ?) Browser Hijack problems, try HijackThis Version 1.99.1 - highly recommended, although I have not had the need to use it.

TO UPDATE MICROSOFT WINDOWS XP

1] Open an Internet Explorer window (You must use IE, not Firefox, Opera,...). 2] Click on Tools and select Windows Update 3] Then follow instructions. 4] Do this regularly, at least the SECOND WEDNESDAY of every month. While Microsoft updates come out the SECOND TUESDAY of every month, sometimes the updates are released about 6 PM Eastern Time, so I suggested Wednesday. I also have Registry Mechanic 6.0.0.780 to fix the Windows XP Registry.

PROTECTING YOUR COMPUTER HARDWARE

You should seriously consider putting ALL of your computer hardware on a good Surge Proector - ALL cables/wires going to your computer should be surge protected. This includes any Ethernet and Phone wires (if you use them with your computer), and your cable modem's Cable (if you use a cable modem). EVERY electrical path into your computer should be filtered by a surge protector to cut down on the risk of surges destroying some or all of your computer. Click here for more information

SOME OF MY OTHER RELATED RESOURCES

64-bit Security Software 64-bit Virus Checkers Acronyms/Glossary PC/SAN/NAS/QA/Wireless/Linux/Network/Video/Pharma/WIN/wms.. Advisories, Security & Virus Adware Articles on Computer Security Articles on Viruses and related problems Backdoors Bluetooth Books - Woodsmall's Recommended Technical Books Boot Viruses Browser Security Cookies Email viruses Encryption Ethernet / 802.xx Firewalls Glurges Hardware, Protecting your Identity Theft Instant Messaging (IM) IP Filters/Filtering, Port Forwarding & IP Firewall Administration IP Masquerade keylogging / keyjacking Linux Security Linux virus checkers for Windows and Linux Malware Modems PDA viruses Popups Phone viruses RAID Registry fixers Root-kit hacks SPAM Spyware Trojans Vandals Virus Information Web bugs WHERE is this IP address located and who owns it Wireless Security Worms

REFERENCES

Security / Virus Books Complete Computer Security Virus Info Woodsmall's Recommended Technical Books

OTHER RESOURCES - Caveat Emptor

Spyware Background Info - encyclozine

OTHER INFORMATION