More and more webmasters nowadays do not value the importance of a complete website backup (files and databases). They have left this to chance and good luck which poses a great risk to their online presence.
Can you relate to this? Then read this important article which might save you an arm and a leg later.
Web site backup is the most ignored task of the webmasters simply because it poses no immediate threat to them until something worse happen to their hosting server. Many times, this task is set aside, delayed and even regarded as nuisance to the busy website owner.
They just don't realize what is at stake here.
So before your website will be wiped out of the internet by unexpected accidents like server breakdowns, harddisk failures, hacking and DDOS attacks among other bad things, let me share with you the 10 Backup E-S-S-E-N-T-I-A-L-S you should not live without online.
EXPECT - Know that your webhosting company (even the biggest and the most boastful out there) may encounter problems and that your diligence to backup up will pay off later on. Online computing has never been so unpredictable that the worse of times will happen when you least expect it. With the proper mindset, you are insuring the continuity of your online endeavour in any eventualities. In short, be ready.
SCHEDULE - Your backup process should not compete with your busy schedules. Create your own backup schedule at the most convenient time for you in the week. If you're like me, I do this during lunch and dinner times. Sometimes, I have to leave my PC overnight working on the backups. If you can make it not to conflict with your busy schedules, you will be able to keep up with the demands of this job. In short, don't complicate.
STICK with it - Just do it. Patience is key to your backup tasks. Once you have a schedule, stick with it. You must do this diligently every time it should happen. This is a tough challenge especially to busy people working online. But the sooner you discipline yourself and make backing up your files a habit, the more you will benefit from a worry-free online environment. In short, get a good habit.
EVALUATE - After a while, test your backup files. A good backup can be tested by simply restoring it on another system. Evaluating your backup results from time to time is good way to know that you are keeping what you should keep - a good and working backup. In short, be sure.
NO Complacency - After some time, your backup schedule may slip away and you will tend to forget or intentionally miss it. Don't succumb to this temptation. Man has never been so busy in his lifetime like it is today in this era of the high tech trends, new developments and discoveries. In short, don't be lazy to backup.
TRASH - Know which files to keep and not to keep. You need to do this to keep your backup process as short and as efficient as possible. It also saves you valuable resources like hard disk space and backup mediums. Backup only what you need. Keep out the trash and dump it. In short, don't sweat with the trash.
INTUITION - Have faith in your backup results. Believe that what you are doing is for your own good later on. Like vitamins that keep your body healthy, backups keeps your mind away from stress and worries. A good working backup will make you smile even on the worst of times because you are insured by your patience. In short, believe in good results.
AUTOMATE - Look for alternatives to traditional backup process that can make your life simpler. There are several technologies and softwares you can use now to generate the fastest and safest backup files you will need to restore in case of emergency without you lifting a finger. Automation is king in this lazy man's world. In short, be efficient.
LIBERATE - Free yourself from worries and anxiety of theunexpected. A death sentence that can be prevented will not kill you. So think about what you can do more (like sleepingmore at night) than to think about what harm may come. With your own backup systems established, you can retire at night calmly knowing the next day, if you don't see your websites as you should, you know you can pubish it back within the day even if your webhost cannot recover it for you. In short, relax and enjoy life to the max.
SECURITY - Nothing beats the feeling of being secured. This is the reason why the insurance businesses have flourished over the years. But more importantly, your commitment to backup your files will not only save you from stress, humiliation, frustration, anger and guilt, but also lift your spirit and confidence because you know at the end of the day, your self reliance is well worth it.
And that, my friend, is a great and wonderful feeling.
Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts
Tuesday, January 13, 2009
Friday, January 9, 2009
10 Steps To A Safe, Smooth Running PC
10 Steps To A Safe, Smooth Running PC By Michael A Silva
These ten steps will help you increase your computer's security. From discovering viruses to learning how to avoid them, this article is a must read!
Windows password This is the easiest way to make sure you know who is using your pc. Choose a lengthy password that contains capital and lower case letters. Including a number or two will greatly increase your security. Having a Windows password means that the only people that can log onto a Windows session are people that you have granted access to.
Password manager You should never write your passwords down. Using the same password all the time will also make it very easy for hackers to reach your personal information. So if you can’t write it down and you’re not
supposed to use the same one – how are you supposed to keep track of all of your passwords? The easiest way to do this is to use a password manager. We prefer to use Roboform. Roboform is an easy to use password and profile manager that docks neatly into your Internet Explorer toolbar and keeps track of all of your passwords for you. Roboform also uses a master password system. You will have one password that accesses all of the passwords in the program. This way you can keep all of your information safe and secure. You can download Roboform for free by http://www.roboform.com.
Spyware Remover Next to spam, spyware is the internet’s biggest annoyance. By definition, spyware is “any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Once installed, the spyware
monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.” The amount of spyware that exists on your pc is dependent on the amount of internet surfing you do. A good rule of thumb here is to scan for spyware once per week or whenever poor system performance surfaces. If you don’t have a spyware scanner, we recommend http://www.webroot.com.
Antivirus This should go without saying, but if your computer is connected to the internet you need antivirus software. With weekly scans and program updates you should be protected from most threats. For added protection, we
recommend using more than one anvtivirus scanner.
Firewall A firewall will keep unwanted visitors out of your computer. You can obtain a firewall either by using software application like ZoneAlarm or Black Ice Defender, or by using a router with your internet connection. For more information on routers plese visit http://www.Linksys.com.
File sharing Basically, file sharing programs are the single biggest security risk you will come across. This is because the only facts you have about the files you are downloading are the file name and the file size. It is quite simple to change a filename to dupe someone into downloading a virus or other malware like keystroke recorders. Our advice – stay away from file sharing at all costs. If you need to use it, make sure you have updated antivirus software installed and running.
Research In a sentence – know what’s out there. http://www.Symantec.com has a section on their website that will serve you well. Knowing what types of viruses exist and how to avoid them will make you a much smarter internet user.
Email protection Most of the antivirus applications available offer email scanning. If yours does not, you will want to get one that does. Email scanning will make sure all of your incoming and outgoing emails are safe for both you and the recipient. Email viruses spread very quickly by using your address book to propagate. Never read email from people you don’t know and always make sure your email scanner is active.
Network security Another way that viruses spread is through computer networks. We have a few quick tips to keep your network safe. Always scan any files that come in from other computers. Even if it’s a file you have brought from home. Never allow a file to be placed on your network until it
has been scanned. The main server should be the only computer with file sharing enabled. By not allowing computer users to transmit files, you can quickly neutralize a threat.
Maintenance Performing weekly virus and spyware scans will go a long way to keeping your computer safe. Defragmenting weekly will also greatly improve performance. If you put in the effort, you will be rewarded with a safe and smooth running pc. Not to mention less headaches!
By following these ten guide lines, you will greatly improve the performance of your computer. You will also generate peace of mind as you gain a new sense of security.
------------------
For more information on affordable hosting packages, website builder software, dedicated and shared server packages, website design and promotion services and specialized fund raising and campaign websites please visit us at http://www.ipowereurope.com
These ten steps will help you increase your computer's security. From discovering viruses to learning how to avoid them, this article is a must read!
Windows password This is the easiest way to make sure you know who is using your pc. Choose a lengthy password that contains capital and lower case letters. Including a number or two will greatly increase your security. Having a Windows password means that the only people that can log onto a Windows session are people that you have granted access to.
Password manager You should never write your passwords down. Using the same password all the time will also make it very easy for hackers to reach your personal information. So if you can’t write it down and you’re not
supposed to use the same one – how are you supposed to keep track of all of your passwords? The easiest way to do this is to use a password manager. We prefer to use Roboform. Roboform is an easy to use password and profile manager that docks neatly into your Internet Explorer toolbar and keeps track of all of your passwords for you. Roboform also uses a master password system. You will have one password that accesses all of the passwords in the program. This way you can keep all of your information safe and secure. You can download Roboform for free by http://www.roboform.com.
Spyware Remover Next to spam, spyware is the internet’s biggest annoyance. By definition, spyware is “any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Once installed, the spyware
monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.” The amount of spyware that exists on your pc is dependent on the amount of internet surfing you do. A good rule of thumb here is to scan for spyware once per week or whenever poor system performance surfaces. If you don’t have a spyware scanner, we recommend http://www.webroot.com.
Antivirus This should go without saying, but if your computer is connected to the internet you need antivirus software. With weekly scans and program updates you should be protected from most threats. For added protection, we
recommend using more than one anvtivirus scanner.
Firewall A firewall will keep unwanted visitors out of your computer. You can obtain a firewall either by using software application like ZoneAlarm or Black Ice Defender, or by using a router with your internet connection. For more information on routers plese visit http://www.Linksys.com.
File sharing Basically, file sharing programs are the single biggest security risk you will come across. This is because the only facts you have about the files you are downloading are the file name and the file size. It is quite simple to change a filename to dupe someone into downloading a virus or other malware like keystroke recorders. Our advice – stay away from file sharing at all costs. If you need to use it, make sure you have updated antivirus software installed and running.
Research In a sentence – know what’s out there. http://www.Symantec.com has a section on their website that will serve you well. Knowing what types of viruses exist and how to avoid them will make you a much smarter internet user.
Email protection Most of the antivirus applications available offer email scanning. If yours does not, you will want to get one that does. Email scanning will make sure all of your incoming and outgoing emails are safe for both you and the recipient. Email viruses spread very quickly by using your address book to propagate. Never read email from people you don’t know and always make sure your email scanner is active.
Network security Another way that viruses spread is through computer networks. We have a few quick tips to keep your network safe. Always scan any files that come in from other computers. Even if it’s a file you have brought from home. Never allow a file to be placed on your network until it
has been scanned. The main server should be the only computer with file sharing enabled. By not allowing computer users to transmit files, you can quickly neutralize a threat.
Maintenance Performing weekly virus and spyware scans will go a long way to keeping your computer safe. Defragmenting weekly will also greatly improve performance. If you put in the effort, you will be rewarded with a safe and smooth running pc. Not to mention less headaches!
By following these ten guide lines, you will greatly improve the performance of your computer. You will also generate peace of mind as you gain a new sense of security.
------------------
For more information on affordable hosting packages, website builder software, dedicated and shared server packages, website design and promotion services and specialized fund raising and campaign websites please visit us at http://www.ipowereurope.com
Saturday, January 3, 2009
The Value of Data Media Security
A basic locking cabinet can secure valuable papers or personal items but it will not protect them from theft or fire damage. Only safes can provide a superior level of protection for documents, jewelry, guns and personal items. computer data that would be difficult or impossible to duplicate if lost.
While paper records secured within a fire-rated safe can withstand temperatures up to 350 degrees Fahrenheit, computer media is damaged beyond use by temperatures above 125 degrees and 80% humidity. Microfiche film, tapes, diskettes, CDs, DVDs and computer media require the added protection of a data media safe.
Data Media Safes are specifically designed for data media storage. Protect against fire and climactic changes--a requirement for a small business or home office. A data media safe must keep the internal temperature below 125ยบ and the humidity level below 85%. Several fire testing laboratories have tested our safes at a temperature of 1,832 degrees F for over one hour with internal temperatures remaining below 122 degrees F. The safes were awarded the one-hour label. In addition, the safes are manufactured under ISO 9002 quality standard requirements.
Fire could destroy your business! In fact, eight businesses burn almost every hour in the U.S. resulting in over 2.3 billion dollars in annual losses.* Unfortunately, seven out of ten businesses have not adequately protected their vital records. When that information is destroyed a business often fails. Don't become a company that incurs fire damage resulting in critical loss of data (customer, personnel, accounting files, etc.) by not utilizing quality fire and data media safes. Survival is possible but preparation is necessary.
To view our inventory of Data Media Safes visit http://www.datamediasafes.com
While paper records secured within a fire-rated safe can withstand temperatures up to 350 degrees Fahrenheit, computer media is damaged beyond use by temperatures above 125 degrees and 80% humidity. Microfiche film, tapes, diskettes, CDs, DVDs and computer media require the added protection of a data media safe.
Data Media Safes are specifically designed for data media storage. Protect against fire and climactic changes--a requirement for a small business or home office. A data media safe must keep the internal temperature below 125ยบ and the humidity level below 85%. Several fire testing laboratories have tested our safes at a temperature of 1,832 degrees F for over one hour with internal temperatures remaining below 122 degrees F. The safes were awarded the one-hour label. In addition, the safes are manufactured under ISO 9002 quality standard requirements.
Fire could destroy your business! In fact, eight businesses burn almost every hour in the U.S. resulting in over 2.3 billion dollars in annual losses.* Unfortunately, seven out of ten businesses have not adequately protected their vital records. When that information is destroyed a business often fails. Don't become a company that incurs fire damage resulting in critical loss of data (customer, personnel, accounting files, etc.) by not utilizing quality fire and data media safes. Survival is possible but preparation is necessary.
To view our inventory of Data Media Safes visit http://www.datamediasafes.com
Wednesday, December 31, 2008
A Look At Information Technology Security For 2007
The world of computer security is a fascinating aspect and 2007 is not going to be any different, but it will be more interesting with the release of Microsoft Vista.
Large companies are looking to tighten the noose around those bad hackers, consumers are demanding more security and more privacy for there home computers, and who wouldn’t, credit card fraud and identity theft has not decreased it has only increased.
Hackers who like to hack into bank accounts are going to have a harder time doing that. Some online banking companies are asking there customers to take a further step in the login process when logging into there bank accounts. For example, some banks are asking there customers to enter their user ID on one page and then enter their password on the next page; this makes it more difficult for hackers. But don’t ever feel like you are safe, keep your guard up and don’t fall for any phony emails that ask you to go to a fake look a like bank website and enter your user name and password. If you do get one of those fake emails call your bank first, and ask them if they sent you the email, and you can also forward the email to the banks technical support team.
Thanks to companies like Webroot there are programs that can help you keep your computer secure and free of spy ware and ad ware, with their Spy Sweeper software which I highly recommend. Webroot also offers a great firewall that your computer should not be without. Go to AME Computers Spyware and Malware page for more information on these great products.
Another good move toward security and spam is that there are some ISP’s that are offering free spam filters, this helps cut down on the amount of junk mail reaching your inbox. The newer version of Outlook has built in junk mail filter, but what’s the point in having a filter if you have to go and filter through the spam filter that Outlook provides.
The flip side to all of this is the cost to consumers. Spyware and viruses can cost companies, and the average consumer thousands of dollars a year. Companies implementing new security hardware pass on those expenses to there customers, so it is not good for the consumer or the business. Microsoft Vista operating system has some built in features to help keep you safe; however there still may be a need for third party software to protect against spyware and viruses.
It’s a never ending battle between the good guys like Webroot and Lava Soft and the bad guys like the hackers and spammers. Do your part and fight the good fight.
Large companies are looking to tighten the noose around those bad hackers, consumers are demanding more security and more privacy for there home computers, and who wouldn’t, credit card fraud and identity theft has not decreased it has only increased.
Hackers who like to hack into bank accounts are going to have a harder time doing that. Some online banking companies are asking there customers to take a further step in the login process when logging into there bank accounts. For example, some banks are asking there customers to enter their user ID on one page and then enter their password on the next page; this makes it more difficult for hackers. But don’t ever feel like you are safe, keep your guard up and don’t fall for any phony emails that ask you to go to a fake look a like bank website and enter your user name and password. If you do get one of those fake emails call your bank first, and ask them if they sent you the email, and you can also forward the email to the banks technical support team.
Thanks to companies like Webroot there are programs that can help you keep your computer secure and free of spy ware and ad ware, with their Spy Sweeper software which I highly recommend. Webroot also offers a great firewall that your computer should not be without. Go to AME Computers Spyware and Malware page for more information on these great products.
Another good move toward security and spam is that there are some ISP’s that are offering free spam filters, this helps cut down on the amount of junk mail reaching your inbox. The newer version of Outlook has built in junk mail filter, but what’s the point in having a filter if you have to go and filter through the spam filter that Outlook provides.
The flip side to all of this is the cost to consumers. Spyware and viruses can cost companies, and the average consumer thousands of dollars a year. Companies implementing new security hardware pass on those expenses to there customers, so it is not good for the consumer or the business. Microsoft Vista operating system has some built in features to help keep you safe; however there still may be a need for third party software to protect against spyware and viruses.
It’s a never ending battle between the good guys like Webroot and Lava Soft and the bad guys like the hackers and spammers. Do your part and fight the good fight.
Tuesday, December 30, 2008
A Crash Course On Myspace For Parents
It is easy to lose track of what your kids are doing online without being overly snoopy about their growing independence. Independence is a good thing when the child has demonstrated that they can make responsible decisions and good choices. Part of your responsibility as a parent is to provide the tools which will help them along this pathway. A good way to open communications with your child is to discuss the MySpace internet area with them.
MySpace is a web site where teens and preteens can journal thoughts, add pictures, chat with others about their interest, and discuss events and problems which affect their daily lives. A great deal of controversy lately has surfaced around the site, because of the potential for unwelcome elements of discussion, pedophiles who may use the site as a springboard for meeting youngsters face to face or other unhealthy aspects.
By understanding the mechanics of how MySpace works, parents are enabled to sit down with a preteen child and dialogue about the positive aspects of the web site as well as opening discussion about the dangers which can be found. Obviously, no parent is going to be able to totally block off any areas of the internet which might be perceived as unhealthy for the child. Often such actions will either be resented as overly controlling, or will create an interest where none existed previously.
Some important tips to use with your youngster is how to set privacy and profile options for security online. You can also explain to your child the importance of not lying about your age, or giving out the real name of your school or other identifying information. The important part of this exercise is that it is done jointly with the child, so they learn not only how to use guidelines in making decisions, but that there are good reasons for the guidelines.
MySpace is a web site where teens and preteens can journal thoughts, add pictures, chat with others about their interest, and discuss events and problems which affect their daily lives. A great deal of controversy lately has surfaced around the site, because of the potential for unwelcome elements of discussion, pedophiles who may use the site as a springboard for meeting youngsters face to face or other unhealthy aspects.
By understanding the mechanics of how MySpace works, parents are enabled to sit down with a preteen child and dialogue about the positive aspects of the web site as well as opening discussion about the dangers which can be found. Obviously, no parent is going to be able to totally block off any areas of the internet which might be perceived as unhealthy for the child. Often such actions will either be resented as overly controlling, or will create an interest where none existed previously.
Some important tips to use with your youngster is how to set privacy and profile options for security online. You can also explain to your child the importance of not lying about your age, or giving out the real name of your school or other identifying information. The important part of this exercise is that it is done jointly with the child, so they learn not only how to use guidelines in making decisions, but that there are good reasons for the guidelines.
Sunday, December 28, 2008
Web Servers and Firewall Zones
Web and FTP Servers
Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.
However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.
The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ.
Therefore if any hacker where to compromise a machine within the DMZ, then the only network they would have access to would be the DMZ. The hacker would have little or no access to the LAN. It would also be the case that any virus infection or other security compromise within the LAN would not be able to migrate to the DMZ.
In order for the DMZ to be effective, you will have to keep the traffic between the LAN and the DMZ to a minimum. In the majority of cases, the only traffic required between the LAN and the DMZ is FTP. If you do not have physical access to the servers, you will also need some sort of remote management protocol such as terminal services or VNC.
Database servers
If your web servers require access to a database server, then you will need to consider where to place your database. The most secure place to locate a database server is to create yet another physically separate network called the secure zone, and to place the database server there.
The Secure zone is also a physically separate network connected directly to the firewall. The Secure zone is by definition the most secure place on the network. The only access to or from the secure zone would be the database connection from the DMZ (and LAN if required).
Exceptions to the rule
The dilemma faced by network engineers is where to put the email server. It requires SMTP connection to the internet, yet it also requires domain access from the LAN. If you where to place this server in the DMZ, the domain traffic would compromise the integrity of the DMZ, making it simply an extension of the LAN. Therefore in our opinion, the only place you can put an email server is on the LAN and allow SMTP traffic into this server. However we would recommend against allowing any form of HTTP access into this server. If your users require access to their mail from outside the network, it would be far more secure to look at some form of VPN solution. (with the firewall handling the VPN connections. LAN based VPN servers allow the VPN traffic onto the network before it is authenticated, which is never a good thing.)
Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.
However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.
The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ.
Therefore if any hacker where to compromise a machine within the DMZ, then the only network they would have access to would be the DMZ. The hacker would have little or no access to the LAN. It would also be the case that any virus infection or other security compromise within the LAN would not be able to migrate to the DMZ.
In order for the DMZ to be effective, you will have to keep the traffic between the LAN and the DMZ to a minimum. In the majority of cases, the only traffic required between the LAN and the DMZ is FTP. If you do not have physical access to the servers, you will also need some sort of remote management protocol such as terminal services or VNC.
Database servers
If your web servers require access to a database server, then you will need to consider where to place your database. The most secure place to locate a database server is to create yet another physically separate network called the secure zone, and to place the database server there.
The Secure zone is also a physically separate network connected directly to the firewall. The Secure zone is by definition the most secure place on the network. The only access to or from the secure zone would be the database connection from the DMZ (and LAN if required).
Exceptions to the rule
The dilemma faced by network engineers is where to put the email server. It requires SMTP connection to the internet, yet it also requires domain access from the LAN. If you where to place this server in the DMZ, the domain traffic would compromise the integrity of the DMZ, making it simply an extension of the LAN. Therefore in our opinion, the only place you can put an email server is on the LAN and allow SMTP traffic into this server. However we would recommend against allowing any form of HTTP access into this server. If your users require access to their mail from outside the network, it would be far more secure to look at some form of VPN solution. (with the firewall handling the VPN connections. LAN based VPN servers allow the VPN traffic onto the network before it is authenticated, which is never a good thing.)
Setting Up and Securing Your Wireless Network
There are more and more individuals opting to work from home than ever before. The advantages to this are many including avoiding the morning and evening rush hours, being able to spend time with your kids and significant other, and doing everything on your own time. Though the pitfalls are many, the one that I will be focusing on in this article is that of setting up a secure wireless network for your home based business. Right now somewhere out there, there is someone with a receiver waiting to pick up on an unsuspecting person’s wireless local area network. Their hope is to garner some sensitive information that may lead to identity theft, and stolen proprietary business information.
Most businesses owners are not technically inclined, though they may be power users, in general security settings is not one of the first things they want to mess around with in their day to day operations. This makes most wireless LANs a great target for information predators.
Here are some general guidelines to follow in setting up your wireless network. Though it may vary from vendor to vendor, the gist is more or less the same:
1. Setup the wireless access/router point via a wired client.
2. Always change the factory setting password to something difficult for someone to guess.
3. Enable 128-bit Wired Equivalency Privacy (WEP) encryption on both your access point and network card. From time to time change the WEP key entries. If your hardware does not support a minimal of 128 bit WEP encryption, then it may be time to replace this dinosaur. WEP is only a minimal security precaution, which is better than none at all.
4. Alter the factory default SSID on the access/router point to a convoluted difficult to guess string. Initiate your computer to connect to this configured SSID by default.
5. Setup your access point not to broadcast the SSID if available.
6. Block off anonymous internet requests and pings.
7. P2P Connections should be disabled.
8. Enable MAC filtering.
9. Enable firewall on the network router/access point with demilitarized zone function disabled. Enable client firewalls for each computer in the network.
10. Update router and access point firmware as updates become available.
11. Make sure the physical router is hidden so that a random person can’t reset the settings.
12. Position the physical router near the middle of the establishment as opposed to near windows to prevent others outside from receiving the signals.
These and other settings will collectively help prevent any unwanted intrusions on your private data.
Most businesses owners are not technically inclined, though they may be power users, in general security settings is not one of the first things they want to mess around with in their day to day operations. This makes most wireless LANs a great target for information predators.
Here are some general guidelines to follow in setting up your wireless network. Though it may vary from vendor to vendor, the gist is more or less the same:
1. Setup the wireless access/router point via a wired client.
2. Always change the factory setting password to something difficult for someone to guess.
3. Enable 128-bit Wired Equivalency Privacy (WEP) encryption on both your access point and network card. From time to time change the WEP key entries. If your hardware does not support a minimal of 128 bit WEP encryption, then it may be time to replace this dinosaur. WEP is only a minimal security precaution, which is better than none at all.
4. Alter the factory default SSID on the access/router point to a convoluted difficult to guess string. Initiate your computer to connect to this configured SSID by default.
5. Setup your access point not to broadcast the SSID if available.
6. Block off anonymous internet requests and pings.
7. P2P Connections should be disabled.
8. Enable MAC filtering.
9. Enable firewall on the network router/access point with demilitarized zone function disabled. Enable client firewalls for each computer in the network.
10. Update router and access point firmware as updates become available.
11. Make sure the physical router is hidden so that a random person can’t reset the settings.
12. Position the physical router near the middle of the establishment as opposed to near windows to prevent others outside from receiving the signals.
These and other settings will collectively help prevent any unwanted intrusions on your private data.
Peltier Associates Breaking and Fixing Wireless Security
To the information security professional wireless networking may be thought of as a four letter word to be avoided at all costs. Regardless of the security implication wireless networking can provide cost efficiency, and because of that wireless technologies are here to stay. While many in the profession believe that wireless networks can be easily compromised, this class will show how the appropriate wireless architecture with the proper security controls can make your wireless network as secure as any other remote access point into your network.
In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.
Course Completion
Upon the completion of our CISM course, students will have:
Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:
An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:
Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources
http://www.acquisitiondata.com/wireless_security.asp
In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.
Course Completion
Upon the completion of our CISM course, students will have:
Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:
An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:
Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources
http://www.acquisitiondata.com/wireless_security.asp
Peltier Associates Breaking and Fixing Wireless Security
To the information security professional wireless networking may be thought of as a four letter word to be avoided at all costs. Regardless of the security implication wireless networking can provide cost efficiency, and because of that wireless technologies are here to stay. While many in the profession believe that wireless networks can be easily compromised, this class will show how the appropriate wireless architecture with the proper security controls can make your wireless network as secure as any other remote access point into your network.
In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.
Course Completion
Upon the completion of our CISM course, students will have:
Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:
An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:
Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources
http://www.acquisitiondata.com/wireless_security.asp
In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.
Course Completion
Upon the completion of our CISM course, students will have:
Constructed a wireless network architecture
Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000
Install a wireless access point
Distinguish between 802.11x standards
Defeat Wired Equivalent Privacy
Key Take Aways:
An understanding of wireless networks
A CD of common tools and documentation
An ability to search the internet for updates and more information on wireless networks
Detail of Course Content The following topics will be covered:
Wireless History
Radio Frequency (RF) Fundamentals
WLAN Infrastructure
802.11 Network Architecture
802.1X Authentication
Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)
Detection Platforms
WLAN Discovery Tools
Kismet
Wireless Sniffers
Conventional Detection
Antennas
Exploiting WLANs
Securing WLANs
Other Wireless Options
Legal Issues including GLBA and ISO-17799
Future
Resources
http://www.acquisitiondata.com/wireless_security.asp
It's 12 Noon, Do You Know Who's Using Your Network?
The idea of reading email while lounging by the pool, text or instant messaging while doing the laundry, or lounging in the Jacuzzi listening to your MP3 collection is appealing to us all.
Unfortunately, many, or even most, wireless units don't come with security features already functioning. This may not seem like a big issue to someone who is simply setting up a home network, but there are a number of potential problems you should consider.
The most serious problem is the increase in identity theft. If your network is unsecured, the personal data on your wireless electronic equipment is also unsecured. The order you just placed for a book at Amazon may have given your contact and payment information to an unscrupulous hacker!
Nearly every town in which "WiFi" is common will have "War Drivers" and "War Chalkers" at work. These are people who walk or drive around town with wireless equipment, searching for unsecured networks. The "Chalkers" then live up their name, marking curbs and other public items with chalk so that others can more easily find and exploit your network.
Not all "War Drivers" are hackers, of course. Many just want to use your network for free, but the risk is high if you don't learn how to protect yourself. You can usually find quite a bit of free information as to how to secure your network at the website of your router's manufacturer, or by doing a search in a search engine for a phrase like "secure home wireless."
Beyond the truly malicious, there are also your neighbors who may find your network by accident and enjoy nosing into your activities and using your Internet access at will, slowing down your network speed in the process.
Even many businesses use cheap, home-use quality equipment for their company networks. With the poor security often found on small business networks, anyone with a basic knowledge of wireless can access sensitive company and customer data.
If you are unable to secure your network yourself, there are many service companies who will do it for you. A search of your local yellow pages or an inquiry at your neighborhood computer store should yield professional help and get your private data private again
Unfortunately, many, or even most, wireless units don't come with security features already functioning. This may not seem like a big issue to someone who is simply setting up a home network, but there are a number of potential problems you should consider.
The most serious problem is the increase in identity theft. If your network is unsecured, the personal data on your wireless electronic equipment is also unsecured. The order you just placed for a book at Amazon may have given your contact and payment information to an unscrupulous hacker!
Nearly every town in which "WiFi" is common will have "War Drivers" and "War Chalkers" at work. These are people who walk or drive around town with wireless equipment, searching for unsecured networks. The "Chalkers" then live up their name, marking curbs and other public items with chalk so that others can more easily find and exploit your network.
Not all "War Drivers" are hackers, of course. Many just want to use your network for free, but the risk is high if you don't learn how to protect yourself. You can usually find quite a bit of free information as to how to secure your network at the website of your router's manufacturer, or by doing a search in a search engine for a phrase like "secure home wireless."
Beyond the truly malicious, there are also your neighbors who may find your network by accident and enjoy nosing into your activities and using your Internet access at will, slowing down your network speed in the process.
Even many businesses use cheap, home-use quality equipment for their company networks. With the poor security often found on small business networks, anyone with a basic knowledge of wireless can access sensitive company and customer data.
If you are unable to secure your network yourself, there are many service companies who will do it for you. A search of your local yellow pages or an inquiry at your neighborhood computer store should yield professional help and get your private data private again
Saturday, December 27, 2008
Does The Google Desktop Really Put Your Privacy In Jeopardy?
There has been a lot of talk recently about Google Talk and how there are serious privacy concerns with the new application.
The biggest concern seems to come with the ability to search and share multiple computers with one account. In other words, you could use a single desktop search account to search, index and allow you to share files between your desktop and laptop for example.
But are these concerns grounded in truth? Is there really a privacy issue here?
I downloaded and installed the new Desktop Search beta the other day. It has some interesting new features such as the ability to remove panels from the sidebar and dock them anywhere you like on your desktop.
And there are several more panels available to let you do anything from manage what is indexed, to passing time by playing games.
One of the coolest features is its ability to reach beyond the desktop it is on to do a variety of things. Now, I can play tic tac toe with co-workers, or even friends around the world.
But the biggest, and most troubling update to some is the ability to remotely index files, as well as share them using Google servers to temporarily store the items.
By turning this feature on you give Google the right to store your files for up to 30 days. Therein lies the crux of the issue – there seems to be no way around this 30 day requirement.
All I have to say is 'so what?'
So what if you have to give Google this ability? Google will encrypt the data so that no one else can access it. And even if there is some sort of DOJ subpoena requiring access to these files I don't think it would stand up in court.
This is because Google has set up a network whereby all your Google activities are tied to one Google account. Your personalized home page, gmail, google analytics, adwords and adsense accounts all share the same Google account. Therefore, it would be difficult for anyone to get a subpoena to review information pertaining to only part of that account.
Legalities aside, if you are that concerned about the privacy being surrendered to Google in order to use this system then don't sign up for it.
You can still download and use the new Desktop Search with most of its new features, but you don't have to use the file sharing.
But what if you want to share files between computers?
Well, do what I did – go to your favorite electronics store and buy a flash drive. I just bought a USB flash drive with over 2 gigs of storage for under $100. Now I can easily transfer anything between any computer with no worry of some government agency wanting to know what's on it.
As I said, I do have the new Google Desktop installed, and I did look at the settings for the search and file sharing, but I didn't turn them on. I have no need to be able to search my home computer from work and vice versa, nor do I need to share files between the two computers.
And if I did, I'll simply use the FTP site I have set up on a computer at home or the aforementioned flash drive.
Really, when it comes to all the other ways that Google captures your personal data, from search history to Gmail, should we be all that concerned that some files may end up being stored on a Google server somewhere?
I think we should have other concerns. For example, I think we should be concerned about what Google already knows about us via those services I mentioned earlier.
I think business owners should be concerned that such a service would allow employees to easily steal and transfer data to and from work.
I think if you are that scared of the US government infringing on your privacy then you shouldn't have a Google account, nor Google Desktop Search nor a Gmail account. In fact I don't think you should have any Internet accounts because quite honestly everyone is a target for the DOJ. Further, I can almost guarantee you that your local ISP will fold and hand over the data much easier than Google will.
So before you start complaining about how Google could infringe your privacy, remember that YOU have the ability to stop it from happening. It's just a matter of choosing to do so.
The biggest concern seems to come with the ability to search and share multiple computers with one account. In other words, you could use a single desktop search account to search, index and allow you to share files between your desktop and laptop for example.
But are these concerns grounded in truth? Is there really a privacy issue here?
I downloaded and installed the new Desktop Search beta the other day. It has some interesting new features such as the ability to remove panels from the sidebar and dock them anywhere you like on your desktop.
And there are several more panels available to let you do anything from manage what is indexed, to passing time by playing games.
One of the coolest features is its ability to reach beyond the desktop it is on to do a variety of things. Now, I can play tic tac toe with co-workers, or even friends around the world.
But the biggest, and most troubling update to some is the ability to remotely index files, as well as share them using Google servers to temporarily store the items.
By turning this feature on you give Google the right to store your files for up to 30 days. Therein lies the crux of the issue – there seems to be no way around this 30 day requirement.
All I have to say is 'so what?'
So what if you have to give Google this ability? Google will encrypt the data so that no one else can access it. And even if there is some sort of DOJ subpoena requiring access to these files I don't think it would stand up in court.
This is because Google has set up a network whereby all your Google activities are tied to one Google account. Your personalized home page, gmail, google analytics, adwords and adsense accounts all share the same Google account. Therefore, it would be difficult for anyone to get a subpoena to review information pertaining to only part of that account.
Legalities aside, if you are that concerned about the privacy being surrendered to Google in order to use this system then don't sign up for it.
You can still download and use the new Desktop Search with most of its new features, but you don't have to use the file sharing.
But what if you want to share files between computers?
Well, do what I did – go to your favorite electronics store and buy a flash drive. I just bought a USB flash drive with over 2 gigs of storage for under $100. Now I can easily transfer anything between any computer with no worry of some government agency wanting to know what's on it.
As I said, I do have the new Google Desktop installed, and I did look at the settings for the search and file sharing, but I didn't turn them on. I have no need to be able to search my home computer from work and vice versa, nor do I need to share files between the two computers.
And if I did, I'll simply use the FTP site I have set up on a computer at home or the aforementioned flash drive.
Really, when it comes to all the other ways that Google captures your personal data, from search history to Gmail, should we be all that concerned that some files may end up being stored on a Google server somewhere?
I think we should have other concerns. For example, I think we should be concerned about what Google already knows about us via those services I mentioned earlier.
I think business owners should be concerned that such a service would allow employees to easily steal and transfer data to and from work.
I think if you are that scared of the US government infringing on your privacy then you shouldn't have a Google account, nor Google Desktop Search nor a Gmail account. In fact I don't think you should have any Internet accounts because quite honestly everyone is a target for the DOJ. Further, I can almost guarantee you that your local ISP will fold and hand over the data much easier than Google will.
So before you start complaining about how Google could infringe your privacy, remember that YOU have the ability to stop it from happening. It's just a matter of choosing to do so.
Thursday, December 25, 2008
Cisco CCNP / BSCI Exam Tutorial: Using Distribute Lists
To be successful on the BSCI exam and in earning your CCNP, you've got to master route redistribution. This isn't as easy as it sounds, because configuring route redistribution is only half the battle. Whether it's on an exam or in a real-world production network, you've got to identify possible points of trouble before you configure route redistribution - and you need to be able to control redistribution as well. You may have an OSPF domain with 100 routes, but only need to redistribute 10 of them into a neighboring RIPv2 domain. You've got to know how to do that, and one method is the use of a distribute-list.
A distribute-list is an access-list that is used to determine what routes can and cannot be redistributed. Distribute-lists let you specify what routes will be filtered from the process. You can use standard or extended ACLs, and you can filter routes that are coming into a routing process or being injected into another process.
In the following example, R1 is redistributing RIP routes into OSPF, but only wants to advertise network 150.1.1.0 /24 to other OSPF routers. An ACL will be written to match that particular network, and then the distribute-list will be written under the routing process. I'm going to show you the IOS Help output for the distribute-list command, and please note that routing updates can be controlled at the interface level or protocol level.
R1(config)#access-list 24 permit 150.1.1.0 0.0.0.255
R1(config)#router ospf 1
R1(config-router)#redistribute rip subnets
R1(config-router)#distribute-list 24 ?
in Filter incoming routing updates
out Filter outgoing routing updates
R1(config-router)#distribute-list 11 out ?
Async Async interface
BRI ISDN Basic Rate Interface
BVI Bridge-Group Virtual Interface
CTunnel CTunnel interface
Dialer Dialer interface
Ethernet IEEE 802.3
Lex Lex interface
Loopback Loopback interface
Multilink Multilink-group interface
Null Null interface
Serial Serial
Tunnel Tunnel interface
Vif PGM Multicast Host interface
Virtual-Template Virtual Template interface
Virtual-TokenRing Virtual TokenRing
bgp Border Gateway Protocol (BGP)
connected Connected
egp Exterior Gateway Protocol (EGP)
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
igrp Interior Gateway Routing Protocol (IGRP)
ospf Open Shortest Path First (OSPF)
rip Routing Information Protocol (RIP)
static Static routes
R1(config-router)#distribute-list 11 out rip
Using distribute-lists does guard against routing loops, but they have other purposes. You may have a network segment that should be kept secret from the rest of your company; a distribute-list can filter that segment's network number from the redistribution process. In this way, distribute-lists serve as a basic form of network security. (Very basic. I wouldn't sell that firewall on ebay if I were you.)
Keeping such networks out of routing updates and routing tables throughout the network has the side effect of reducing routing update overhead as well.
A distribute-list is an access-list that is used to determine what routes can and cannot be redistributed. Distribute-lists let you specify what routes will be filtered from the process. You can use standard or extended ACLs, and you can filter routes that are coming into a routing process or being injected into another process.
In the following example, R1 is redistributing RIP routes into OSPF, but only wants to advertise network 150.1.1.0 /24 to other OSPF routers. An ACL will be written to match that particular network, and then the distribute-list will be written under the routing process. I'm going to show you the IOS Help output for the distribute-list command, and please note that routing updates can be controlled at the interface level or protocol level.
R1(config)#access-list 24 permit 150.1.1.0 0.0.0.255
R1(config)#router ospf 1
R1(config-router)#redistribute rip subnets
R1(config-router)#distribute-list 24 ?
in Filter incoming routing updates
out Filter outgoing routing updates
R1(config-router)#distribute-list 11 out ?
Async Async interface
BRI ISDN Basic Rate Interface
BVI Bridge-Group Virtual Interface
CTunnel CTunnel interface
Dialer Dialer interface
Ethernet IEEE 802.3
Lex Lex interface
Loopback Loopback interface
Multilink Multilink-group interface
Null Null interface
Serial Serial
Tunnel Tunnel interface
Vif PGM Multicast Host interface
Virtual-Template Virtual Template interface
Virtual-TokenRing Virtual TokenRing
bgp Border Gateway Protocol (BGP)
connected Connected
egp Exterior Gateway Protocol (EGP)
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
igrp Interior Gateway Routing Protocol (IGRP)
ospf Open Shortest Path First (OSPF)
rip Routing Information Protocol (RIP)
static Static routes
R1(config-router)#distribute-list 11 out rip
Using distribute-lists does guard against routing loops, but they have other purposes. You may have a network segment that should be kept secret from the rest of your company; a distribute-list can filter that segment's network number from the redistribution process. In this way, distribute-lists serve as a basic form of network security. (Very basic. I wouldn't sell that firewall on ebay if I were you.)
Keeping such networks out of routing updates and routing tables throughout the network has the side effect of reducing routing update overhead as well.
Wednesday, December 24, 2008
Cisco CCNA Certification: The Path To Take After Earning The CCNA
Once you earn your CCNA certification, you've got quite a few exciting choices ahead of you! The majority of CCNAs go on to pursue another Cisco certification, and this is a wise decision. The more you know, the more valuable you are in today's IT market.
A question I'm often asked by new CCNAs is "Which certification should I go after next?" Often, these new CCNAs have their eye on the Cisco Certified Security Professional (CCSP) certification. While adding a security certification to your resume is an excellent idea, I strongly recommend that new CCNAs acquire their Cisco Certified Network Professional (CCNP) certification before pursuing their security certifications. The CCNP requires you to pass three or four exams (depending on the path you choose) that will demand a further mastery of some subjects you studies to earn your CCNA as well as several important topics that you haven’t seen yet.
The CCNP builds on the foundation of networking knowledge you built when you earned your CCNA, and your CCNP study will add greatly to your skills and resume. There are some common technologies that you'll see in many networks - BGP and route redistribution among them - that you don't learn about in your CCNA studies. By pursuing your CCNP, you'll also learn much more about OSPF, switching, and refine your troubleshooting skills. These are skills that will pay off in your current job as well as any future job hunting you do.
A question I'm often asked by new CCNAs is "Which certification should I go after next?" Often, these new CCNAs have their eye on the Cisco Certified Security Professional (CCSP) certification. While adding a security certification to your resume is an excellent idea, I strongly recommend that new CCNAs acquire their Cisco Certified Network Professional (CCNP) certification before pursuing their security certifications. The CCNP requires you to pass three or four exams (depending on the path you choose) that will demand a further mastery of some subjects you studies to earn your CCNA as well as several important topics that you haven’t seen yet.
The CCNP builds on the foundation of networking knowledge you built when you earned your CCNA, and your CCNP study will add greatly to your skills and resume. There are some common technologies that you'll see in many networks - BGP and route redistribution among them - that you don't learn about in your CCNA studies. By pursuing your CCNP, you'll also learn much more about OSPF, switching, and refine your troubleshooting skills. These are skills that will pay off in your current job as well as any future job hunting you do.
Tuesday, December 23, 2008
5 Steps to Securing Your Windows XP Home Computer
Most people are aware that there are continuous security issues with Microsoft’s Windows operating system and other programs. However, what most people do not realize is how easy it is to significantly improve your computer’s security and reduce the likelihood of becoming a victim to ever increasingly sophisticated threats that lurk on the internet. These steps should take less than a couple of hours to complete and should not clean out your wallet.
1) Windows Update – the first crucial step you need to take to make sure that all your Microsoft applications have all the latest product updates installed. These updates or “patches” address security vulnerabilities and other issues. Microsoft usually issues these updates on a monthly cycle. Visit the Microsoft website or switch on automatic updates from the Windows Control panel. Even if your “new” computer is second hand this is still a critical first step. If you buy a used computer with Windows XP make sure Service Pack 2 or SP2 is installed.
2) Strong Passwords - people often overlook this but having well thought through passwords is an important element of your computer security. A strong password should include at least 8 characters with a mixture of text, symbols and numbers. As a minimum you need to make sure the services most at risk have a strong log-in password. These services include your bank, credit card, other financial services like PayPal, your email address and any other services like Ebay which hackers can use to generate profit.
3) Anti Virus Protection – while it is fair to say the threat of the computer virus has receded during the last couple of years they can still inflict serious damage on your computer. Part of the reason why the threat has reduced is because PC manufactures are now more frequently bundling anti virus packages with their new computers. For example last year my new Dell shipped with a 90-day trial of McAfee's Internet Security Suite. The best bet here is to purchase a security package which includes firewall and anti virus software as a minimum. Top brands include McAfee and Symantec Norton products. However, Microsoft has recently entered the market with their "OneCare" offering which is very aggressively priced.
4) Firewall - if you are using a broadband connection then a firewall is definite requirement to manage the traffic flowing between your computer and the internet. A firewall monitors the inbound internet traffic passing through the ports of your computer. Better products also monitor outbound traffic from your computer to the internet. As per above the best bet here is buy a firewall application as part of a security package which most vendors offer as standard. If a hardware firewall is included as part of your router package then you do not need anything else. A company called Zone Labs offer a great free firewall product called Zone Alarm which should be used as a minimum. Windows XP does now ship with a free firewall but the product does not monitor outbound communication and therefore I believe does not offer adequate protection.
5) Anti Spyware Tool - this software is the last piece in your basic internet security set up. This tool helps combat spyware and adware. There is a good mixture of free and paid versions on offer. Good free software include Microsoft's Windows Defender, Spybot S&D or Ewido Anti-Malware. Ewido Anti-Malware is frequently recommended in computer help forums. Be careful if you decide to purchase a solution. There are a number of rogue vendors out there which aggressively push products which offer you little value. Stick to trusted names like Webroot's Spy Sweeper or PC Tool's Spyware Doctor. These products always come out well on independent tests.
1) Windows Update – the first crucial step you need to take to make sure that all your Microsoft applications have all the latest product updates installed. These updates or “patches” address security vulnerabilities and other issues. Microsoft usually issues these updates on a monthly cycle. Visit the Microsoft website or switch on automatic updates from the Windows Control panel. Even if your “new” computer is second hand this is still a critical first step. If you buy a used computer with Windows XP make sure Service Pack 2 or SP2 is installed.
2) Strong Passwords - people often overlook this but having well thought through passwords is an important element of your computer security. A strong password should include at least 8 characters with a mixture of text, symbols and numbers. As a minimum you need to make sure the services most at risk have a strong log-in password. These services include your bank, credit card, other financial services like PayPal, your email address and any other services like Ebay which hackers can use to generate profit.
3) Anti Virus Protection – while it is fair to say the threat of the computer virus has receded during the last couple of years they can still inflict serious damage on your computer. Part of the reason why the threat has reduced is because PC manufactures are now more frequently bundling anti virus packages with their new computers. For example last year my new Dell shipped with a 90-day trial of McAfee's Internet Security Suite. The best bet here is to purchase a security package which includes firewall and anti virus software as a minimum. Top brands include McAfee and Symantec Norton products. However, Microsoft has recently entered the market with their "OneCare" offering which is very aggressively priced.
4) Firewall - if you are using a broadband connection then a firewall is definite requirement to manage the traffic flowing between your computer and the internet. A firewall monitors the inbound internet traffic passing through the ports of your computer. Better products also monitor outbound traffic from your computer to the internet. As per above the best bet here is buy a firewall application as part of a security package which most vendors offer as standard. If a hardware firewall is included as part of your router package then you do not need anything else. A company called Zone Labs offer a great free firewall product called Zone Alarm which should be used as a minimum. Windows XP does now ship with a free firewall but the product does not monitor outbound communication and therefore I believe does not offer adequate protection.
5) Anti Spyware Tool - this software is the last piece in your basic internet security set up. This tool helps combat spyware and adware. There is a good mixture of free and paid versions on offer. Good free software include Microsoft's Windows Defender, Spybot S&D or Ewido Anti-Malware. Ewido Anti-Malware is frequently recommended in computer help forums. Be careful if you decide to purchase a solution. There are a number of rogue vendors out there which aggressively push products which offer you little value. Stick to trusted names like Webroot's Spy Sweeper or PC Tool's Spyware Doctor. These products always come out well on independent tests.
Subscribe to:
Posts (Atom)
