Saturday, February 10, 2007
Helpful Tips to Protect Yourself Online
1. If you have a DSL or Cable Internet service, go buy a cable/dsl router like the Linksys BEFSR41 (I am not endorsing Linksys, though I like their products). Install it between your modem and your computer. Make sure that you know your modem's IP address (In MS Windows, open a command prompt and type ipconfig /all. The gateway address will likely be your cable modem's internal IP address.) Write or copy that information down before you install the router. My ex-wife's DSL modem had the same IP address by default as the Linksys DSL router I bought her. Whoever thought that up was not very bright. If your DSL/Cable modem comes with it's own builtin firewall, then lucky you.
2. Use Firefox or another third party browser instead of Internet Destroyer, er Explorer, and keep it up-to-date.
3. If you are really paranoid, go to www.vmware.com and download VMware Server for free. Install it. Then go to www.knopper.net and download the Knoppix Live CD image. You can install Knoppix from the image file through the virtual CD-Rom drive. You will need to create a 3-4 GB virtual hard disk. Once you have Knoppix installed on the virtual machine, take a snapshot of it. After creating the snapshot, surf the Internet to your heart's content from the virtual machine. If the virtual machine gets compromised, roll back to the snapshot.
4. Only use your real browser for your online banking if they require a MS Windows browser version. If your bank is dumb enough to require a Microsoft only solution and they use Microsoft web servers, then you might want to find another bank that uses a more Web neutral solution. I am not knocking Microsoft. They have been good to me in the past, but their products are the common and easy targets for crooks. A bank that is locked in with Microsoft is over reliant on Microsoft's security for their protection, and it means that they haven't thought the online security issues through. Chances are that they went with convenience instead of security. There's a truism in IT circles, "No one ever gets fired for buying Microsoft."
5. Use a mail service like Gmail and download any suspect attachments in the virtual machine. Google is pretty good about catching viruses as attachments, but they use a passive scanner and I have captured viruses and emailed them to friends for analysis and Gmail missed the malicious code and let it through! You can submit any attachment to a service such as VirusTotal which will scan the file with multiple Antivirus engines and let you know if it's suspicious. Just because it passes VirusTotal's metascan does not mean that it isn't malware. It just means that nothing suspicious was detected.
6. If you don't believe me, read this ComputerSweden article, or visit Arbor Network's ATLAS service to see how good your ISP's security really is.
Some of you will wonder why I didn't suggest buying a wireless cable/dsl router. The reason I didn't is because you trade security for convenience. Wireless devices give one freedom and convenience, but they are easily sniffed. Anyone can eavesdrop on a wireless transmission. If you have a wireless router, take the time to lock it down unless you want people to use your cable or dsl connection as a public access point. If you have a laptop and it has sensitive information on it, look into encrypting the whole hard drive, or keep the sensitive information on a USB key. Don't check sensitive financial accounts via a publically available wireless connection unless you know what you are doing.
About virusscanners, you should try Bullguard.
Mac emulators are not vey good. Windows Vista is very excellent because it is self-repairing and really made for computer-and-internet idiots like me.
Links to this post: