Posts tagged Security
How to Prevent Adware / Spyware?
Dec 3rd
Are you a frequent Internet user? Do you download and use many free software and applications from internet? If YES, then be aware that your information may be stolen without your knowledge. Understand that those information that you willingly give may be sold to third parties.
Programs capture your personal information
Most of the free programs and software that you download from internet fall under any of the following Categories; Shareware, Demoware, Freeware or Adware. Among these Adware is usually the most doubtful and dangerous program. Adware stands for Advertisement + Software. Hence, if you install a downloaded program that is an ‘Adware’ then you will see many advertisements on your computer. And your personal information will be sent to these advertising companies by this adware automatically.
When you install these adware software it will bring you to that company’s website to register with your personal information before you can use the software. This is called ‘Registration for software activation’. To activate such software you HAVE to give your personal particulars. This information that you submit to such companies will be later sold to third parties.
Your information is stolen through websites:
Many websites and programs that you download and install will monitor your activities when you are connected to the internet. For example, details like which websites you frequently access and which links you click. Based on this collected information you will be judged and categorised and you will be sent SPAM emails that target your interest.
A frequent trick used by these softwares it to show a 1×1 pixel GIF image which is invisible to your eyes. But this GIF file will contain Scripting Code that does all these spying activities.
How to prevent spyware and Adware?
Some wrongly think that they do not have any valuable information about them and therefore do not need to worry about their information being stolen. Even your email address is a very important piece of information to these thieves. They will sell this email address to third parties who will send you SPAM emails. So instead of receiving hundreds of SPAM emails daily, you can try to prevent this from happening. Isn’t it?
Download and install an ‘Adware Remover’ software in your computer. You can use Lavasoft software in your computer. Lavasoft’s ‘Ad-Aware’ is a popular adware removal software which can be downloaded from www.lavasoftusa.com .
Install a Firewall in your computer. If you have a single computer, then a software firewall is sufficient to protect your computer. Many companies sell software firewalls. But you do not need sophisticated firewall. You can download and install a free firewall, Zone Alarm from the website www.zonelabs.com .
How to prevent stealing of passwords and credit card details?
Dec 3rd
We use internet for many purposes. In many websites we use different login names and passwords. For example, if you use any of the free web emails such as gmail, yahoo or hotmail then you will have to login with your login name and password before accessing your email inbox.
Similarly, if you use any commercial websites for internet shopping such as Amazon or eBay then you may have to use your credit card details before buying online. Only then can you buy online. If we lose credit card related information then we may lose money. If this information falls into the hands of hackers then we are seriously at danger of losing money. This hacker can then use your credit card details to buy anything.
Worse still, if someone uses your login name and password to login to a server and carries out any destructive activities then you will be blamed for that activity. Court trial or penalties or fine may make your life miserable.
The password, credit card details can be stolen from three places.
From your computer, when you type in your browser these key strokes can be captured
Or while this information packets are transmitted from your computer to the server. This is called ‘Wiretapping’. Hackers and crackers can easily accomplish this.
From the web server’s database. In this database, like your data, many people’s information will be stored. If the hacker gains access to these databases then he can get these data.
Of these, the first and the second method of stealing can be prevented by you. The third way of stealing from web server, is not in your hands and you can not do anything to prevent it. Let us see how you can prevent the first two methods of stealing.
The login name, password and credit card details that you type in your browser are sent as text via internet to the web servers. The hackers and crackers can easily read this text. They cannot read it if it is encrypted. This is where Secure Sockets Layers are used.
Whether the web server that you are connecting to, uses SSL to encrypt the data can be found from your browser. For example a ‘closed lock’ icon will be displayed in the status bar of your browser. If there is not clocl icon in the status bar then those websites do not use SSL and therefore not secure.
In your ‘Internet Explorer’ choose ‘Tools-Internet Options’. In this new dialog box select the ‘Advanced’ tab. Here, you will see many check boxes under the security section. 1. Use SSL 2.0. 2.Dont save encrypted pages to disk 3. warn if form submitted is being redirected 4. warn if changing between secure and not secure mode. 5. check for server certificated relocation 6. warn about invalid site certificates. See that all these six options are selected.
From now on, the browser will prompt your, whenever you enter/view websites whether that page is secure, and when you type any details, whether the data is encrypted or not.
In login pages, when you key in the first two or three letters of your username, Internet explorer will auto complete the username and password to make it easier for you. But this feature can be a problem if many people are using the same computer. Others may enter into your account just by typing the username and without even knowing your password. So it is better to ‘TURN OFF’, ‘Auto Complete’ feature. To do this, select ‘Tools-Internet Options’. Choose the ‘Content’ tab and click the ‘Auto complete’ button. Click on the ‘Clear passwords’ button and delete all the stored passwords. If the ‘Usernames and passwords on forms’ check box is selected then de select it.
Also clear all the cache files from your browser. To do this select ‘Tools-Internet Options’. Select the ‘General’ tab. In the ‘Temporary internet files’ section click the ‘Delete Files’ button. Now click on ‘Yes’ and ‘OK’.
Congratulations, now you have reduced the possibility of your passwords to be stolen.
How to safeguard passwords?
Dec 3rd
Most of the internet websites make it compulsory to register and issue you with an username and a password to login to their website. We may have to remember many such username/passwords for different websites. When accessing these websites the computer will prompt and ask you whether you want to save these passwords for future use. If you say ‘yes’ then the password that you key in will be stored in your computer. The next time you visit this website and key in the first letter of your username, the computer will auto fill the username/password for you.
Another similar feature is ‘Remember password’. Some websites provide this link in their login page. If you select this option while logging in then the password will be stored in your computer and the subsequent visits to this website you need not remember the password.
But saving these passwords to you computer is not safe. Do you know that these passwords can be retrieved by hackers? Moreover many people may access the same computer and may kn ow your username. Therefore they may be able to login to those websites without knowing your password.
The password text box in these websites will just display ‘*’ instead of the actual password. But do you know that there are some softwares that can convert these * (stars) into the actual password?
For example ‘See Password‘ is a software that can do just this. You can download this software at www.seepassword.com. When you are not around, someone could install this software in your computer. And if they goto the website’s login page and key in your username the computer will auto fill the username and password. Password will be displayed as many ****. If this someone then shows the ‘See password’ icon on top of the ****s the software will clearly show the clear password.
If you are not willing to buy ‘See Password’ software for $19.99 then you can use the ‘View Passwords‘ free java software. You can download this software fromwww.squarefree.com
How to hide the passwords?
- There is no way you can hide the passwords. There are many tools available that can easily look into your computer and retrieve the saved passwords. Therefore the best way to safeguard your passwords is not to store them on your computer. You have to remember them in you head. And as far as possible do not use the ‘remember password’ or ‘remember me’ options in websites if your computer is shared by many others.
- If you have already saved the passwords in your computer try to clear them. It is best to clear the passwords from your internet explorer options under the ‘Content’ tab and ‘Auto complete’ option.
- If you are an outlook user and your computer is shared then do not save passwords for your email accounts so that whenever you start outlook it will prompt for the password.
What is a firewall and why you need it?
Dec 3rd
There two ways your computer can be attacked. Firstly by Viruses and secondly by Hackers/Crackers. To protect your computer you need Anti-virus softwareand a firewall which can be either software or hardware.
Whenever you connect to the internet, there is possibility of your computer being attacked by exploiting security holes in your computer. To find out whether your computer is well protected or you have security holes the following websites can be used to check.
Sygate Tests ( http://scan.sygate.com )
Shields up ( http://www.gre.com/x/be.dll?bhobkyd2 )
PC Flank ( http://www.pcflank.com/about.htm )
The above websites will scan your computer thoroughly and tell you whether your computer has security holes. Most of us know that Anti-virus software is required to protect one’s computer. However anti-virus software is not enough, you need a firewall to fully protect your computer.
Also installing the Anti-virus once is not enough. You need to constantly update it. Even in firewalls you have to review your policies often and update them.
What is a firewall and what are the types of Firewall?
There are both hardware firewalls as well as software firewalls. There are also firewalls with built in anti virus and spam filter softwares. Norton Internet Security, McAfee Internet Security, Zone Alarm Security Suits, Norman Internet Control are some examples of such software available today.
Your computer’s file system and protocols that are used to communicate with other computers which is called ‘Network Stack‘ are often under attack. Therefore if you prevent these two from happening your computer will be safe. To protect your file system, anti-virus software is used while to protect your network stack, firewall is used.
The files that you download from internet and the emails that you receive from others are scanned by the Anti-virus software. If virus is found in them the anti-virus software removes them. Likewise in the computer files that are opened, edited and all files in the computer are scanned and protected by the anti-virus software.
Your computer has many network ports. It is through these ports that you avail many internet services. For example HTTP protocol uses port 80 while FTP protocol uses port 21.
When you are connected to the internet, hackers can find the ports that are open in your computer and use these ports to take control of your computer. By default all ports in your computer is open. Therefore closing all the unused open ports can prevent crackers from entering your computer. This is done using the firewall.
Moreover you can ban any port that you think is unsafe. For example if you need to download files from internet buy do not want hackers to download files from your computer then you can configure your firewall to open ‘download’ service of FTP while blocking the ‘upload’ feature.
You may have heard of the MPS-Blaster worm that attacked many computers and destroyed them. This work entered these computers using port 135. This worm cannot enter those computers in which the port 135 was closed.
If you need a particular port to be open but you are scared that other hackers may use this port to enter your computer then you can use the ‘IDS – Intrusion Detection System’ feature of the firewall. IDS uses Signature based monitoring. If large amount of data is copied to the computer’s buffer through a particular port then the IDS detects this behavior and alerts the user. Note that all firewalls do not have this feature.
There are three types of firewall namely, Packet Filtering, Proxy Server and Stateful Inspection. For home users, small offices and small businesses Packet filtering firewall is sufficient. Companies with big networks can use the proxy server firewall. Stateful firewall is the latest and it is very popular and suitable in all environments.
Worm Vs Virus
Dec 3rd
Whenever we get news about viruses some are referred as viruses and some are referred as worms. Therefore many do not know the difference between virus and worm.
Viruses are computer programs that multiply themselves. These programs will get embedded into other programs and hide inside them. Some viruses even enter into Operating Systems and function as per their commands. But viruses cannot spread from one computer to another computer unless it is attached purposely in an email and send to another computer manually.
Worms are also computer programs that multiply themselves. But instead of multiplying and spreading in the same computer they spread between one computer to another computer. The whole system is affected by the worm. Therefore the computer’s performance is affected and slows down. Worm computer will be in the network and destroy the memory. It will identify other computers in the network and spread to them. To whichever computer it goes it will access the address book in that computer and send itself to all the addresses.
Therefore you can say that Worms are created for the purpose of spreading between computers and Viruses are programmed to stay and multiply in the same computer.
Worms take control of your computer while viruses delete files from your computer.
In both cases, it destroys your computer. So it is a good practice to protect your computer from them.
Recent Comments