[AI] Protect your PC and personal data from hackers and

vishnu ramchandani vishnuhappy at yahoo.com
Tue Jan 22 23:28:28 EST 2008


Protect your PC and personal data from hackers and
malware

By
Vineet Kumar 

 You do it almost everyday. You login into your
computer, send
 e-mails,
 open attachments from friends and strangers, shop
online, transfer
 money
 using your
 banks secured payment gateway, chat with friends and
upload personal
 information on social networking sites.

 But have you ever given a thought to someone who is
keeping a close
 watch
 on all your online activities. Someone, somewhere in
some corner of
 this
 planet
 trying to get inside your computer and filch one of
the most
 important
 resources of information age: personal data.

 Data that can be abused to make purchases online,
send malicious
 programmes to all those on your contact list and many
such things to
 harm
 you. Welcome
 to the age of hackers (these are people who try to
gain access to
 your
 computer using various hacking tools and misuse your
personal data)
 and
 spies lurking
 on the vast Internet highway.

 But don't worry. There are ways in which you can beat
the 
 hackers. However,
 when it comes to security nothing is 100 per cent
secure. Loads of
 exploits are
 developed everyday. Updating the knowledgebase should
be a regular
 process. Following could be few of the many measures
that could be
 taken
 to protect
 your computer and all things that you do online:

 ~ Install the latest antivirus software (I recommend
Kaspersky, Eset
 Nod32, Quickheal, F-Secure) on the computer and never
ever disable
 or 
 turn
 it off.
 Install a personal firewall (
 www.sygate.com
 and
 www.zonelabs.com
 offer free versions) and Spyware Checker (I recommend
Spybot Search
 &
 Destroy).

 ~ Keep updating antivirus/anti spywares at least
every 15 days. Use
 separate
 Trojan
 removers like anti Trojan shield if possible. Full
system scan with
 your
 anti virus at least once in a week or better set it
to scan
 periodically
 and give
 a small interval say every Friday (the day may vary
according to
 your
 choice).

 ~ There are a few free online scanners available at
 
http://housecall.trendmicro.com
 
 or
 
http://www.kaspersky.com/kos/eng/partner/us/kavwebscan.html,
 and
 
http://support.f-secure.com/enu/home/ols.shtml.

 ~ Get System's health checked regularly at
 
http://www.pcpitstop.com/.
 The site checks the overall system health, tunes up
the system and
 finds
 out the vulnerabilities. It's a free service.

 ~ Don't ever download or open attachments whose
source you are not 
 certain
 about. Even if the source is trusted, see if the
content is
 relevant. 
 Even
 non-executable
 files like *.Doc files can contain macro viruses and
Trojans. There
 are
 some special sort of programmes called worms, which
don't need human
 interaction.
 You just open a mail or visit any website and that's
it. So always
 stay
 alert. Avoid opening e-mail attachments that contain
'.vbs', '.scr',
 '.exe', or
 '.pif' file extensions. Files that end in these
extensions are most 
 likely
 to contain some sort of virus.

 ~ Web browsers like Fire Fox, IE 7 & Opera offer good
security
 features.
 Test your Web Browser for Vulnerability at
 
http://bcheck.scanit.be/bcheck/.

 ~ Never download any files specially executables over
P2P
 (peer-to-peer)
 sharing networks, because you cannot be absolutely
certain what they
 are.
 P2P file
 sharing programmes can lead to the installation of a
lot of adware
 and
 spyware. Try downloading executables from authentic
and well-known
 sites;
 don't
 just download files from anywhere.

 ~ Try not to visit porn sites, Warez, sites of cracks
and serials
 because
 most of them have hell lot of latest spywares,
Trojans and viruses
 .One
 visit
 and you are gone if your virus definitions are not up
to date.

 ~ Be familiar with the installed programmes on your
computer. If you
 notice a new programme installed, which you didn't in
the first
 place,
 possibilities
 are that it might be something malicious.

 ~ Read the installation agreements carefully when you
download
 something
 from the Internet. Pay attention to the terms and
conditions or EULA
 (end-user
 license agreements) of the program being installed.
Reference to
 third
 party installation should be given more attention.
Some EULA's tell
 you
 that, if
 you install the program, you have also agreed to
install some
 spyware 
 with
 the software. Do check the independent sources as
some EULA's do not
 mention
 about the Spywares.

 ~ Back up your computer data on a regular basis, at
least weekly.
 Copy
 your important documents and files onto a floppy
disk, removable
 drives,
 CD or a
 DVD for safekeeping. Don't wait for the disaster to
happen, take the
 precaution before hand. Create system restore points
periodically

 ~ Use e-mail encryption like PGP to send important
information via 
 emails.
 Don't send important information in plain text.

 ~ Never respond to unsolicited e-mail. To those who
send spam, one
 response or 'hit' from thousands of e-mails is enough
to justify the
 practice. Additionally,
 it validates your email address as active, which
makes it more
 valuable,
 and therefore opens the door to more spam.

 ~ Beware of phishing attacks. Sites like
 www.antiphishing.org
 offer latest updates on phishing along with good
security tips

 ~Don't chat with strangers just for fun. Don't ever
accept any file,
 especially executables from an unknown person on
chat. Don't click
 on any
 links given
 by someone you don't know.

 ~ Do not accept links or downloads from strangers
even if it is
 tempting.
 There have been cases where spywares like Trojans,
keyloggers etc.
 have
 been hidden
 in simple picture files with '.jpg' extensions. You
never really
 know 
 what
 is contained inside a file which looks attractive.

 Today people use binders to club two different files
and send you
 the
 mixture. Once you click on the file both file gets
executed.

 ~ Be cautious while displaying your profile,
especially your
 personal
 details, photographs, videos and contacts on social
networking
 sites. 
 Your
 profiles
 and contacts may be misused by other people.

 ~ Install parental control softwares like netnanny
that helps you
 choose
 what the kids see on the Internet and monitor the
activities of
 children.
 For more
 details visit
 
http://www.microsoft.com/athome/security/children.

 Wireless security

 ~ If you have a wireless network, turn on the
security features: Use
 MAC
 filtering, turn off SSID broadcast, and even use
WEP/WPA/WPA2 with
 the
 biggest
 key you can get.

 Online shopping safety tips

 ~ While purchasing online, look for signs that online
purchases are 
 secure
 (SSL secured sites or 128 bit encryption) like
 Ebay.co.in.
 At the point that you are providing your payment
information a
 golden
 coloured lock appears (for SSL secured sites) or the
beginning of
 the Web
 site address
 should change from http to shttp or https, indicating
that the 
 information
 is being encrypted -- turned into code that can only
be read by the
 seller.

 Your browser may also signal that the information is
secure with a 
 symbol,
 such as a broken key that becomes whole or a padlock
that closes.

 ~ Carefully use credit card and online banking for
online shopping.
 Check
 your credit card and bank statements at regular
intervals. Notify
 the 
 bank
 immediately
 if there are unauthorised charges or debits. Avoid
using credit card
 details and online banking on public computers and in
cyber cafes.
 It is
 very unsafe
 because most of them are infected with viruses,
Trojans and key
 stroke
 loggers.

 Banks such as HDFC [
 Get Quote]
 have launched their services like Net Safe to create
temporary
 credit
 cards with a limited value to transact online. This
way, in the
 worst 
 case
 scenario,
 your damages are limited.

 Password security

 ~ Use two different passwords. One for mail, work and
other
 important
 access and other for routine purposes like
subscribing to websites
 or
 public viewing.
 But remember to switch between them when you start
doing
 transactions
 after mere browsing. Create another e-mail ID
providing false
 information
 and crazy
 usernames like 'whitecat_4u', 'kkk320' etc. which you
use
 exclusively for
 subscription to sites. That will prevent spam from
coming to your
 main 
 ID.

 ~ Create a difficult-to-guess password by taking the
first alphabet
 from
 each word of a phrase. What is a good password? It is
a password
 which is
 at least
 8 characters long, not easily guessable, contains
mixture of
 uppercase 
 and
 lowercase letters as well as numbers, and preferably
contains
 special
 characters
 like $, *, %, !, * etc. Some examples of a good
password are:
 &(^.1234*cRack&.^).

 ~ Always use alphanumeric passwordwith special
characters and try to
 
 adopt
 phrasing technique to construct passwords which are
easy to
 remember, 
 hard
 to
 guess and impossible to crack. Create a unique
acronym. Never use a
 dictionary based password like guest, home etc. It
takes little time
 for 
 a
 good cracker
 to crack the password.

Vineet Kumar is the founder and CEO of
 National anti-Hacking Group.


      Share files, take polls, and discuss your passions - all under one roof. Go to http://in.promos.yahoo.com/groups





More information about the AccessIndia mailing list