Iphone

When you use the Internet there are dangers around every corner. Viruses, malicious users, Trojan horses, Oh my! If these are just concepts to you, you are either lucky or well protected (or just un-connected). If these names trigger painful flashbacks to when your computer (and possibly your account balance) was rendered inoperable or compromised by one of the above, then join the club.

Either way, securing your computer against threats from the Internet is an essential step. If you do not, you will, at some point, regret it. Guaranteed.

This article is intended to provide some basic guidelines for securing your computer, and to give the reader a better understanding of how some of these technologies work. It is intended primarily for users of high-speed Internet connections, but most of the article is applicable to dial-up Internet users also.

As far as the home or small business user is concerned, Internet security can be broken down into three areas; Anti-virus software, Firewall protection and Recommended practices/Common sense.

To deal with the last of these three first, an essential step in securing your computer or network is understanding what actions can compromise you. What you don't know will hurt you, especially in regards to email. Some good basic security steps for dealing with email:

Don't use outlook express.
I know, it's convenient, and you already know how to use it, but think about this. Outlook Express is the default email client for every windows version since 98. How many Millions of people do you think are using the default email client? Right. Now if you were writing a computer virus that you wanted to spread rapidly through the Internet by emailing itself, what e-mail client would you write it for? Exactly. If you want to see for yourself, go to www.sarc.com and type 'outlook express' in the search field. There are many alternative email clients available, some of them free. Try Welcome to Eudora®! for starters.

Don't open file attachments unless you are sure of the source. Email file attachments are one of the most common vectors for computer viruses. Modern antivirus software will scan incoming email as a matter of course, but you still have the possibility of a new virus that has yet to be added to the list of scanned-for viruses.
Some General Tips

Use passwords. Both Windows 2000 and XP have the ability to set effective user passwords to prevent others from using the account. They also have a default user called 'administrator' with full rights to the system and other user accounts, and no password unless you gave it one during the installation process.

Worse still, Windows 2000 and XP Professional systems create a secret share (a share is a condition set on a drive or folder which allows it to be accessed from another computer), accessible only to members of the administrators group, for every drive in your computer. To sum up, if you do not have a password on your administrator account, almost every single part of your computer can be accessed and controlled remotely.

The danger is slightly lessened in Windows XP, since network shares are not enabled by default, but if they are enabled, you are at risk. To assign passwords on Windows 2000, go to 'my computer'/control panel/users and passwords. To assign passwords on XP, go to start/control panel/user accounts, pick the user you wish to edit, then select 'change my password.'

Note that to perform this operation, you need administrative privileges, meaning you must be logged in either as administrator, or as a user account you created in XP during the install process, since these accounts are also members of the administrators group by default. It is also a very good idea to change the name of the 'administrator' account to something less obvious, like maybe 'Bob.'
Update your software.

This cannot be stressed enough, especially with anti-virus software. Most anti-virus packages will prompt you if it has been a while since they were able to update their virus definitions (the 'signatures' of computer viruses the antivirus software will search for), so make sure you do.

The software cannot stop what it does not know about. Updating your Windows operating system is just as important.

Microsoft puts out security fixes at a rapid rate, and while this nets them abuse for the amount of holes in their operating systems, it also shows that they are committed to putting out the fires, if not preventing them.

Versions of Windows from 98 up contain a direct link to the windows update site on the start menu, and Windows 2000 (with service pack 3) and XP have an automatic update feature which will download the latest updates automatically. Stay up-to-date.
P2P: Be careful with file-sharing services like Kazaa.

Unlike a couple of years ago, they are now crawling with viruses, adware and other general unpleasantness.

If you are going to use them to download files, make sure to check more than just the name in the first column of the search. Make sure the general size of the file seems right, and especially check the actual file name of the file you are downloading. This is not foolproof, but nothing is when dealing with peer-to-peer sharing software.
Dealing with Anti-virus software

For any Internet connected PC or network, a regularly updated anti-virus program is a must. Standard Anti-virus software works by examining individual files within your hard disk for telltale signs, or signatures, of specific virus programs. A program using this method, called 'exact detection', is only as good as its database of known virus definitions, which is why it is important to update frequently.

The major anti-virus software companies used this approach exclusively, until recently when they have begun flirting with the other major method of virus detection, heuristic detection. This method does not define a virus by matching the exact pattern of data that makes up its signature, but rather by observing its behavior.

or example, a heuristic (Greek for 'to find') anti-virus program might be instructed to watch for non-authorized programs that attempt to make changes to the computer's registry, or to access system files. There are many different methods of implementing heuristic anti-virus software, but that is really beyond the scope of this article. The major reason behind the partial adoption of heuristic anti-virus methods by the big companies such as Symantec (makers of Norton Antivirus) is the success in recent years of mass-mailing worms. Worm are computer viruses which replicate themselves through email.

The incredibly fast rate of infection seen in cases such as the vbs.loveletter worm (which you may recognize as the 'I love you virus'), Anna, and recently the w32.bugbear worm took the major anti-virus manufacturers off-guard. They were not able to release virus definitions fast enough to prevent major distribution of the aforementioned viruses.

The major virus protection companies are now incorporating features into their software which will allow it to detect behavior characteristic of these mass-mailing worms, without necessarily having a virus signature for them, hoping to head off such outbreaks in the future... at least among paying customers.

For home use, an antivirus software package is highly recommended. Symantec's Norton Antivirus and MacAfee's VirusScan are two leaders in the area, but the brand name does not matter as much as the frequency of the virus updates which the company offers. There are several other reputable packages available besides these, especially for the business world.

For software such as this, which needs to be frequently updated by the manufacturer, expect to pay a subscription fee in the future. Most home anti-virus software ships with a one-year subscription to the company's updating service, after which you will need to renew.

If you suspect you already have a virus on your computer, and you either do not have access to an anti-virus program or the one you do have does not seem to be doing the job (not too surprising, as many viruses include disabling the functionality of major anti-virus checkers as part of their payload), all is not lost. There are resources available on the Internet for identifying and eliminating viruses manually.

As a start, you can go to www.sarc.com This is Symantec's public virus threat information website. If you use the encyclopedia, you can find information and removal tools or instructions for many recent viruses.

On the same page there is a link to the Symantec security check, which will scan your computer and identify any viruses that fit a known signature, using their latest definitions. It will not remove them of course, but it's a start. Then you can look them up in the virus encyclopedia for removal instructions.Firewalls and Internet security

No doubt you've heard about firewalls. Everyone on the Internet has heard the term at one time or another. They are for protecting your computer from the big bad Internet, right? Well, yes, essentially.

They can also control access out to the Internet from your computer, but what are they really, and how do they work?

A firewall is a piece of hardware, or a software program that examines data passing into your computer or network and discards it if it does not meet certain criteria. Depending on the type of firewall you use, this operation may take place at different points in the path between the source of the data and the application in your computer it is intended for, and different criteria will be used to examine the data, but the basic operation remains the same for all firewalls.

There are four distinct types of firewall method, which may be used individually or combined into a firewall product:Packet filtering

Packet filtering firewalls work by examining data packets as they attempt to pass through the firewall, and comparing them to a list of rules based on the source of the data, the destination it is intended for, and the port the data was sent from and intends to connect to.

A firewall using packet filtering can be easily configured to stop certain forms of information flowing in or out of a computer or network by blocking well-known ports.

For example, setting a packet-filtering firewall to block data traveling out of the firewall from any source, using port 80 (the standard port used for http, or web-browsing data) will have the effect of disabling web browsing on all computers inside the firewall.

Likewise, if you were hosting a website on your computer and you set your firewall to drop all data coming into the network on port 80 from any source, no-one outside your network would be able to view your website.

The limitation of packet filters is that ports and IP addresses are all they will filter. They don't care about the content of the data, just where it's headed. They also require some technical knowledge if you wish to customize them. Most cable/DSL routing devices can use packet filtering as a part of their firewall protection.Circuit level gateways

A circuit level gateway is a firewall that only allows data into its protected network based on requests that come from computers inside that network. The firewall keeps a record of requests for data that go out, and only allows data in that matches with a request. An advantage of this type of firewall is that since it acts as the gateway to the network it is protecting, anyone scanning the network from outside will see only the address of the firewall, not the rest of its protected network.

As an example of how circuit level gateways work, say computer A is in a network protected by a circuit level gateway firewall, and wants to view a web page on computer B which is outside the firewall. Computer A sends the request for the web page to computer B, which is intercepted and recorded by the firewall before being passed on. Computer B receives the request, which as far as it is concerned came from the address of the firewall, and starts sending the web-page data back across the Internet. When it reaches the firewall, it is compared to computer A's request to see if the IP address and the port match up, then the data is either allowed or dropped.

A major advantage to using this method is that non-requested data from outside the firewall is not allowed in, period. All ports are closed until the firewall opens them. The main disadvantage is that unless it is combined with some other form of filtering, any type of data requested from inside the firewall will be allowed though.

Software or hardware firewalls that use the circuit level gateway method will also include some method of internet sharing, since this is part of the function of this type of firewall. As you can probably guess, cable/DSL home routers use this method primarily. More specifically, they use Network Address Translation (NAT) which is a combination of circuit level gateway functions with Internet sharing.Application level gateways

Application level gateways, also known as proxies, are outwardly similar in operation to circuit level gateways in that they act as the only entrance into or out of a protected network and deny all non-requested data from outside. The major difference is in the way they handle information.

While a circuit level gateway only examines the address and port information contained in data it receives, not the content, an application level gateway is more in-depth. A firewall using this method runs proxy applications to view common types of data (like HTTP for web-pages, FTP, SMTP or POP3 for email, etc.) before it is allowed through the firewall.

This has two major advantages. Firstly, no direct communication is allowed between outside sources and computers behind the firewall, since everything must first pass through a proxy, and secondly, filtering can now be done using the actual content of the data, as opposed to just where it came from and where it's going.

For example, using an application level gateway firewall, you can not only control which computers inside your network can access internet web pages, but also specify which web pages they are allowed to view, since the proxy for HTTP can read the contents of the data sent from a web server and check for restricted websites.

Application level gateways are considered very secure, because of the level of control they offer, but can require significant configuration to get the most out of them. They are also slower at passing information than other firewalls, because of the proxy applications. Client computers on a network with an application level gateway firewall need to be configured to be able to use the proxies to access resources outside the network.

Application level gateway firewalls will have integrated Internet sharing, since this is necessary to their function. They are generally intended for business use, protecting large networks. A good example of an application level gateway software package is Microsoft's ISA (internet Security and Acceleration) server, though this has several features beyond the firewall service.Stateful inspection

Stateful inspection is a combination of packet filtering with some of the elements of the gateway methods. It is somewhat of a vague definition, unlike the other three. Essentially, it is a packet filter firewall that examines more than just the addresses and port information of the data. Without using proxies, it can imitate some of the features of an application gateway by viewing the application specific data sent in each packet.

There are a variety of different products available that use stateful inspection to varying degrees. The advantage of this method is that it can examine data at the application level (that is filtering by content, not just address) without the performance overhead added by using proxies. Stateful firewalls will also close all ports to unsolicited incoming data and keep a table of requests from inside the network, like the two gateway methods.

The firewall included with Microsoft Windows XP claims to be a stateful inspection firewall, though it lacks any way of filtering application content. This is where things get a little blurry, as the XP firewall has essentially the same functionality as the firewalls built into commonly available cable/DSL home routers, a combination of packet filtering with a circuit level gateway.

Apparently then, the definition of a stateful inspection firewall is one that combines features of the other three types to any degree.Configuring your home firewall

Now let's look at setting up and configuring your own firewall to protect your computer or network.

What you'll need: Cable/DSL router with integrated firewall/NAT Or A software firewall such as zonealarm or blackICE defender. Or Windows XP Home or Professional. What you will need to know a few basic definitions. If you are already familiar with the terminology, please skip ahead to the next page.

Port: One end of a logical connection between two computers. Specific ports are used for specific types of data. For example port 80 is used to send and receive HTTP (web browser) traffic. Firewalls can block ports, disabling them from receiving any data.

Protocol : A standardized method for transmitting data between devices. HTTP, FTP and SMTP are examples of well-known protocols for web browsing, file transfer and email respectively. Used with IP addresses and Ports to transfer data between computers. Protocols come in two types, as far as this article is concerned, TCP and UDP.

TCP protocols form a connection, or session, between two computers to send and receive data. They include methods of ensuring data is delivered, and correcting errors. UDP protocols are considered 'connectionless.' They can pass information between computers, but no session is formed to govern the exchange, and no confirmation is given that the data has been received.

IP address: A number used by devices on the Internet or within local networks to address data. The format is xxx.xxx.xxx.xxx where xxx can be a number between 0-255. Example 192.168.5.2Configuring the Windows XP Firewall

All firewall methods, with the exception of application level gateways, use ports, protocol types and IP addresses or computer names to control data entering your network. This is the most important thing to understand. Once you get used to the idea of opening or closing ports in order to control what gets in or out of your network, you can easily configure almost any basic firewall product.

The firewalls we will deal with here, and most of the commonly available commercial ones will block all ports coming into the firewall by default, so if you wish to allow computers on the internet access to a certain part of your network, you will have to do some configuration. You will also need to research the application and find out what ports it uses. All software manufacturers should offer this information.

Now let's look at configuring two of the most common types of firewall; The firewall program included with the Windows XP operating system, and a typical cable/DSL router.

Configuring the Windows XP firewall: This is an easy one, so let's start with it. To enable the firewall, go to start/control panel/network and Internet connections/network connections then right click on your Internet connection and select 'properties'

Go to the 'advanced' tab and check the 'internet connection firewall' box

If you remember the definitions from above, what you have just done is enabled a combination of packet filtering and a circuit level gateway. Your computer will now record which applications on your computer attempt to access the Internet, and examine all incoming data against these records. Any unsolicited data will be dropped.

If you choose to use Internet connection sharing as well, the firewall will handle requests from the other computers in your network as well, acting as a gateway. The XP firewall is effective at stopping unauthorized data from entering your computer or network.Configure a firewall service

The XP Firewalls' only major failing is that it has no way of filtering data leaving your network, which can open you up to Trojan horse programs which, once unwittingly installed, may attempt to send personal information out of your network. For this reason, you should keep up-to-date antivirus software installed.

If you have an application on your computer or inside your network which you would like to allow access to from the Internet, for example a web page or FTP server, you must configure a service for it in the firewall settings.

Click the 'settings' button at the bottom of the 'advanced page of your Internet connection properties.

Each of the buttons on the screen represents a built in service which you can enable to allow access to a specific port inside the firewall. For example, highlight the 'web server (HTTP)' list item, and hit the 'edit' button.

As you see, there is a description of the service, which is just for your benefit. The 'name or IP address of the computer hosting this service on your network' box needs to be filled with the name of the computer you are using to run the application you want to give outside access to.

The external port # identifies the port which users outside the network will be allowed to connect to, and the internal port # specifies the port which will be accessed inside the network if the application is running on a different computer than your firewall system. This is called port mapping, the process of passing information from a port on the Internet side of a firewall to a port in the protected internal network.Creating your own service is easy

All you need to know to create your own service is the port # that the application you want to give access to, and whether the protocol it will accept is TCP (connection oriented) or UDP (connectionless).

To simplify things, use the same port # for both internal and external ports. A list of common applications and the ports they use can be found at the end of this article. See below for an example of a custom service. One nice thing about the XP firewall is that it will custom configure itself for certain Microsoft applications such as MSN Messenger.Setting up a Home based cable/DSL router firewall:

This set of instructions is a lot less specific than the XP firewall section, since there are such a variety of firewall equipped home routers on the market, using different interfaces. For the article, I used an SMC Barricade 4 port wired/wireless router, but the specifics should be similar for every router, they will just be configured differently.

Remember, on home routers, the firewall is enabled by default, so if you do not have a custom configuration to do, you can plug it in and go.

To start with, log into your router's management interface. Generally, entering your router's IP address into a web browser does this. See the manual if you have doubts.

Almost all home routers use NAT (Network Address Translation) as their firewall method. This is a combination of the functions of a circuit level gateway (internet sharing, recording requests from inside the network and denying all data from outside the firewall that does not match a request) and a packet filter for allowing or denying individual ports.

Depending on the model, you will have various levels of function. All router firewalls will, by default, stop unsolicited data from entering the network. They will also contain some form of port mapping to allow computers from the Internet to access specified applications within the firewall.

Some applications may require the use of multiple ports simultaneously, which is not possible in a conventional NAT firewall. To get around this, some routers and firewalls can create special application exceptions which define a 'trigger port,' the port at which the application will initiate communication, then a range of other ports which an application using the trigger port will also be allowed to access.Client Filtering

Another option which may be available is client filtering, which is sort of a reverse firewall, blocking clients inside the network from accessing certain ports. All of these methods use essentially the same forms of information: port numbers.

Once you get used to the idea of ports as the way applications get information in and out of your computer, configuring these options are simple.

Port mapping requires the identification of a machine on your network by name or IP address, a port to be accessed on that machine, and a port to be accessed on your firewall, and the type of protocol (TCP or UDP).

Special application exceptions require a 'trigger port' which sends data out from that application, and one or more receiving ports, depending on the requirements of the application.

TCP or UDP must also be specified.Common Port Numbers

Client filters require the IP address of a computer or computers in your internal network, and the ports which will be blocked, with the protocol type (TCP or UDP).

Hopefully, the whole concept of firewalls and Internet security is a little clearer now. Antivirus programs are essential, and you really should have a home firewall to properly protect your computer or network.

Again, keep in mind that for typical use, a software or hardware firewall should require little or no configuration, so don't be intimidated. The configuration itself revolves around a very limited set of changes, as I hope this article has shown. Protect yourself.

Here is a list of well-known port numbers which you may find useful in configuring your firewall.

Service - Port Number
FTP - 21TCP
Telnet - 23 TCP
SMTP - 25 TCP
HTTP - 80 TCP
POP3 - 110 TCP
HTTPS (secure) - 443 TCP
IRC - 194 TCP

ICQ - 5190 TCP, (note: ICQ by default will use this port to connect, and any available port above 1024 to listen for new connections. This is kind of insecure, so I would recommend going to the ICQ site and reading their firewall configuration info

AOL messenger - 5190, 4099 TCP (also will self configure to available ports)
Yahoo IM (self configures)

MSN messenger - 6891-6900 TCP for file transfer, 6901 TCP/UDP for voice (otherwise self configures messaging)

Kazaa - 1214 TCP (can be reconfigured within Kazaa)

Games** For various multiplayer games, check the websites for specifics

danica

When a computer connects to a network and begins communicating with others, it is taking a risk. Internet security involves the protection of a computers internet account and files from intrusion of an outside user.. Basic security measures involve protection by well selected passwords, change of file permissions and back up of computers data.


danica


__________________________

build your own computer seo agency