You may go directly to the navigation menu after the content.
Here we are surfing the web, and many (most?) of us don't have any idea what is going on in the background. We'll give you some samples on how to help you protect your privacy and keep your computer functioning normally. We thought you would be interested.
For links to other sites, right-click on the links and choose "Open in New Window."
Please note this page hasn't been updated for awhile. I stopped using Microsoft Windows operating systems more than 17 years ago, and I tire of trying to keep up with the constant loads of new Windows security issues. However, most of the advice given here, if not the actual links shown, is still relevant. The Email Obfuscator still works just fine.
Before we start, let us recommend to you Windows users, that if you are still using Windows 95, you should upgrade to at least Windows 98 SE (Second Edition).
If you don't have an anti-virus program, GET one. If you haven't updated its signature file for a couple of weeks, you are vulnerable. These are free and frequently updated virus programs:
Avast is also a very
well recommended anti-virus program, with all recent versions scoring high by
companies that test a-v software. Your webmeister uses this one.
AVG Anti-Virus
Personal Version is widely recommended and has automatic updating. It's
free for residents of North America and the U.K.
H+BEDV AntiVir ( 22 Jan 2003: This link was not functioning. )
is also a free personal version of a corporate product, this one
from Germany.
Before installing a new AV program, uninstall or totally disable your old program, including removing it from auto-start.
Don't open email attachments from people you don't know, or even if you do know them, scan if first with your anti-virus software. Many of our friends have been hit by nasty viruses recently.
You Need A Firewall. Period. If you are connected via a fulltime cable modem or DSL connection, your PC is being probed all day long. Some of this is random IBR, but a lot of these probes are real hack attacks. You are still vulnerable even if you connect by telephone dial-up. These are free (follow links to free downloads):
ZoneAlarm is more for the novice, and Kerio and Tiny are more powerful, more configurable, but you should know a bit more about internet protocol.
Learn how to configure your firewall, then test your computer at
www.grc.com 's
Shields Up!!, or at
www.hackerwatch.org
.
There are numerous other test sites.
For the fulltime always-on broadband people, you might also want to consider a router between your cable or DSL modem and computer, and then you can even connect multiple PCs with only one IP address. Routers also work like firewalls, in that they block unsolicited inbound traffic; however, you should have a good software firewall as well, to monitor unwanted outbound traffic as well.
See which ports are open with
Active Ports
from Smartline.
These are programs that hackers (crackers, actually) use to control your computer. One of these miscreants could send 20 million spam emails from your PC while you were having dinner.
Get the Trojan Defence Suite (TDS-3) from
tds.diamondcs.com.au/ .
This one is shareware, but seems to work ok before registering, during the 30-day
trial period. It is very comprehensive.
Another trojan hunter is "Ants" at
www.wilders.org/downloads.htm It seems the
Ants author has given up. :-(
.
Version 3 should be out soon (the current version is all in Deutsch).
Spyware is software installed on your computer without your knowledge or approval. It rarely appears in the task list. Its mission in life is to report back to its owners what you do while surfing, and may even steal your passwords, credit card numbers, and anything else you might enter while visiting a web site.
Recommended anti-spyware programs: for the first two, be sure to get the latest updates after installation and before scanning. These work like an anti-virus program, but for spyware.
Ezula and Spedia Surf+
Learn how to get rid of these two spies here:
www.whirlywiryweb.com/q/ezulasurf.asp
WebHancer: Read about it at
www.cexx.org/webhancer.htm
VX2: Read about it at
www.cexx.org/vx2.htm .
Here is even more information about
the despicable practices of VX2
.
There are two pages - be sure to read both.
Comet Cursor. A quote from cometsystems.com: "Welcome to Comet Systems, developer of the award-winning Comet Cursor software program downloaded by 89 million people since 1998..." and every one of you is phoning home. :-) This is bundled with Real Networks audio player, for example.
There are lots of other programs that include spyware,
including most of those MP3 sharing programs. Even RealPlayer phones home all the time.
And read this!
http://scumware.com/
These little infestations are generally one-pixel by one-pixel graphics (you can't see them in your browser) that are placed on millions of web pages and even in HTML emails. They phone home.
Further, investigate what your
hosts file
is and see how it can help with this as well. I've killed all the popups
and much banner advertising with hosts and with restricted sites in the
browser options, and no other external software.
Since there are many different browsers (and versions), this subject is beyond the scope of this Tips page. A simple solution is to go to your browser options settings and turn off or set to "prompt" scripts, ActiveX, and cookies. Then, answer NO. Most email readers have similar options. Check yours carefully. For Internet Explorer, You might want to study up on Trusted Zones, Restricted Zones, and the like. For better browser security, move away from that Operating System component to a modern browser, such as you saw here.
Set your email program to read text only, no HTML or "Rich Text Format," and if you use Outlook Express turn off the Preview Pane, and open email only when off-line.
There is a good reason for not opening email while on-line: a lot of spam these days is embedded with tracking code. If you view the source of the emails, you may find pieces like this:
<img src="http://spamserver.com/images/pixel.gif?c=10293848" height=1 width=1>
The part after the question mark ( c=10293848
) will identify you to
the spammer that you are a valid email address and s/he can now sell your address
to all the other spammers!
You might also want to read
this page
about browser settings (for Internet Explorer) that your webmeister has posted.
Don't ever reply to a spammer, not even the "remove me" links.
All you do is confirm that your address is good, so the spammer can resell
your address to other spammers as a known valid address.
Set up and use a throw-away address (hotmail, yahoo, myrealbox) if you need to
register for something on the web. Unless you are buying something that needs
to be shipped to your home, fake your street address, too, including the
city and zip code. Here's a
list of
valid city/zip codes you can use.
Don't forward jokes with huge lists of email addresses in the To: or CC: fields or in the body (from the person who forwarded it to you) - snip them out!. These are regularly harvested by spammers, and by all the current crop of trojans, worms, and viruses that may be on compromised machines of the people you are sending to. If you really do need to send a message to a bunch of people, put their addresses in the BCC: field (Blind Carbon Copy). If your ISP requires an address in the To: field, put yourself there. And it would be polite to mention in the text that you were sending it to many people <g>.
Oh, and don't go to those send-a-greeting-card sites either. A lot of
them are also in the business of selling your (and the recipient's) email address to spammers!
Sometimes greeting cards can give you nasties as well; read this page at
PCMag.com .
See this page, too: Conceal your address.
What's a hoax? Usually, it's a benign email asking you to forward some message to everyone you know. Don't do it. There can be a darkside. One recent hoax advised all to delete a file named sulfnbk.exe, which is a legitimate Windows file, claiming it was a virus. Not so. Read more about hoaxes at:
There are other sites as well.
Direct your newsreaders to: news.grc.com and subscribe to the security, privacy, spyware, and techtalk groups, among others. Read lots more on the above subjects and ask questions of real pros. Be sure to mask your name and email address in the news reader to prevent the bots from harvesting your info. (In my newsreader, I'm a.nony.mous@example.invalid)
This fellow Eric Howes has put together
a MASSIVE amount of information
for you. Cert® Coordination Center has this article on
Home Network Security
.
:-)
Still looking? Check out the
List of Lists and
this fellow's huge list
.
If you have any general questions about all of this, send us an email and if we have a couple minutes we'll try to help...
Happy surfing, eh?