ERA Southern California
ERA Southern California
How to keep your PC
safe
By practicing safe computing...
- BACKUP your DATA
How often? How much data can you can afford to lose?
- UPDATE WINDOWS
Automatically, plus do it manually each week
- UPDATE your
ANTIVIRUS SOFTWARE
Automatically, plus do it manually each week
- RUN
AD-AWARE
Keep it on. Update and run it each week.
- USE a FIREWALL
like ZONEALARM
See the firewall article below.
Sources of Help & Information
Jeff Levy
http://jefflevy.com/
Click on Lessons to see an archive of
his weekly lessons.
Kim Komando
http://www.komando.com/newsletter.asp
Click on Newsletters, sign up for
Weekly Newsletter and Tip Of The Day.
ERA Southern California Weekly Email
Newsletter
Our own newsletter often includes tips from the sources above.
****************************************************************
FREE PROGRAMS TO
PROTECT YOUR COMPUTER
From
www.komando.com/tips/protectyourcomputer.aspx
March 2, 2008
Antivirus programs
There are tens of thousands of malicious programs circulating on the Internet.
These include viruses, worms, Trojans, dialers and other monsters. This stuff
poses a terrific threat to computer users. To counter these programs, use
antivirus software. You should only run one antivirus program on your computer.
Make sure to keep it updated as virus definitions are constantly being updated
• AVG
AntiVirus
• avast!
• PC
Tools AntiVirus
Firewalls
Firewall programs will render your computer invisible to hackers’ probes.
Hackers run scanning programs over the Internet, looking for computers with
electronic openings, called ports. Good firewalls such as these make your
computer invisible to the scanners.
• Zone
Alarm
• Outpost
Firewall
• GhostWall
Anti-spyware software
Spyware tracks your Web surfing and reports your interests to a computer on the
Internet. Adware sits on your computer and feeds you ads. You need programs that
will keep most spyware pests from taking root. And you need other programs to
annihilate spyware that collects on your computer. You should use multiple
anti-spyware programs on your computer.
• Ad-Aware
• Spybot
Search & Destroy
• Microsoft
Windows Defender
• SpywareBlaster
Safe Browsing
Microsoft's Internet Explorer is rife with security holes. Over the years, many
have been patched through Windows updates. But new ones continue to appear. I
recommend that you switch to the Firefox browser. It is free and I think it is
inherently safer.
• Firefox
Web Browser
Related Tips
• Step-by-step,
secure your home wireless network
• 5
steps to secure a new PC
• Stay
safe with free security software
• It's
a cruel world. Protect yourself
• Secure
a new PC before going online
• Secure
your new Mac
Secure a New Laptop Before Going Online
Protect your investment. It isn't hard, and everything you really need is free.
Install a firewall, an antivirus program and
two or more anti-spyware programs, then lock
down your wireless network.
First, you need a firewall. I recommend enabling the Windows firewall for now.
Then, download
ZoneAlarm (www.zonelabs.com).
Turn off the Windows firewall and install ZoneAlarm.
Next, you’ll need one antivirus program. I recommend
avast! (www.avast.com),
PC Tools AntiVirus (www.pctools.com)
or
AVG (free.grisoft.com).
Finally, you’ll need two or more anti-spyware programs. Unlike firewalls and
antivirus programs, anti-spyware programs won’t conflict. Try
Windows Defender (www.microsoft.com),
Spybot (www.safer-networking.org),
SpywareBlaster (www.javacoolsoftware.com)
and
Ad-Aware (www.lavasoftusa.com).
They’ll all do the trick.
Now, that’s only part of the security equation. You’ll also want to make sure you’ve locked down your wireless network. I’ve got a tip that covers that in depth.
Oh! Silly me! I assumed you’re running a Windows machine. But, if you’re on a Mac, my helpful tip will tell you what you need.
(Thanks
to Kim Komando, 3-2-08,
www.komando.com)
Keeping Your Software Up To Date
Every weekend I run the
Secunia Software Inspector. It tells me what's out of date and where to get
the update. It checks all the obscure programs that could cause me problems. You
should use it, too.
Lots of people still use Internet Explorer on the Web. Unfortunately, browsers are still inviting targets. Internet Explorer is theoretically as safe as other browsers. But it is actually part of Windows. If somebody is coming in, IE might facilitate that.
To get around that, I use Firefox. It's available on my site. Is it a better browser? Probably not. But it's not part of Windows, so I think it is safer. Another good browser is Opera. I also have it on the site.
Many Mac owners feel they are invulnerable to Web threats. That's not completely true, but Macs are much less likely to be attacked. Nonetheless, I wouldn't take a security risk. Macs are selling well. At some point, they'll be targeted. I have Mac security information on my site.
(From Komando.com June, 2008)
Here is a short July 2007 column from Kim Komando covering the basics of safe computing:
Antivirus software is absolutely essential. There are countless pieces of malware on the Internet, just waiting to infiltrate your computer. Your situation is analogous to not having a lock on your front door, in a really bad neighborhood.
Heaven only knows what you have on your computer. Viruses and Trojans are just the start. It is probably caked with spyware, too. So you need to run a few anti-spyware programs. These programs do not conflict. Virus programs do, so only run one of them.
I have free antivirus programs on my site. Here
are three good ones:
•
PC Tools
•
AVG
•
avast!
PC Tools is for Windows XP and Vista. AVG and avast! also work with Windows 98 and ME.
Here are four free anti-spyware programs:
•
SpywareBlaster
•
Spybot-Search & Destroy
•
Windows Defender
•
Ad-Aware
Do you keep Windows updated? Over the years, there have been countless security updates. If your computer has not been updated, take care of that. Leaving security holes is very dangerous.
To update, open Internet Explorer. Click Tools>>Windows Update. Follow the directions.
You also need a firewall. These programs hide
your computer on the Internet. They also keep a malicious program from reporting
to a home computer if it gets on your machine. Here are a few free ones:
•
ZoneAlarm
•
Jetico
•
Outpost
There are a lot of threats on the Internet. Without competent security, you are a sitting duck. It is essential that you protect your computer. To do that, you must learn the threats.
I have a great deal of information on my site. It is all pulled together in my book, Kim Komando's Complete Guide To Computer Security and Privacy.
****************************************************************
Ad-Aware + Spybot
Search & Destroy (Free)
Knock Out Spyware
I get lots of questions from people who are being run ragged by
pop- ups. Or something has hijacked their home page. Or their
search engine has been changed in their browser.
These problems are almost always related to spyware. Spyware programs
(also known as adware) are advertising applications. They are often
included as part of the package when you download free programs from
the Internet. Most spyware programs are unobtrusive. They record where
you go on the Web, then report that information to an advertising
computer on the Internet.
But some spyware programs are very intrusive. If you are getting lots
of pop-ups or something has changed your browser settings, you probably
have one of these. Rather than being distributed with other programs,
these programs are often downloaded by themselves. The people who
download them are attracted by a free offer. Of course, they don't
realize the downside until the program is installed.
Spyware is generally easy to get rid of. In most cases, you can track
it down and delete it with Ad-aware (http://www.lavasoftusa.com)
or
Spybot Search and Destroy (http://spybot.eon.net.au).
Both programs
are free and easy to use.
However, sometimes programs just won't go away. I've solved that
problem by searching the Internet. If you can't get rid of a
program, you may be sure others have the same problem. I use
the Google (http://www.google.com)
or Teoma (http://www.teoma.com)
search engines. Put the name in the box and search. You'll probably
find the information you need.
(From Kim Komando - September, 2003)
***
Mozilla Firefox (Free)
Use An Alternative Browser
The market share held by Microsoft's
Internet Explorer has fallen by
1.57 percentage points, according to WebSideStory, which measures Web
metrics. A survey found that 94.16 percent of surfers were using IE,
down from 95.73 percent.
That slippage is the first for Internet Explorer in ages. It occurred
as security problems piled up for the Microsoft browser. Apparently,
people are moving to Firefox, Mozilla, Netscape and Opera.
Personally, I have switched to Firefox. I intend to stay with it at
least until Microsoft resolves its security problems. The U.S. Computer
Emergency Readiness Team has recommended such a switch. You can
download the free Firefox at:
http://www.mozilla.org/products/firefox/
In the meantime, Microsoft said it is working on a comprehensive fix
for IE. It said it does not think a switch in browsers is warranted.
(From
Kim Komando - July,
2004)
***
ZoneAlarm (A free firewall)
Software firewalls became a necessity when surfers switched to
broadband. Firewalls hide computers, so that hackers can't identify
vulnerable machines with pinging programs.
Broadband connections often have static Web addresses. When unprotected
computers respond to pings, hackers can return with an attack. They
know where to find the computer, because its address does not change.
Dial-ups are a different story. When computers dial into the Internet,
they are assigned a temporary Web address. These numbers are changed
each time the computer dials in. When a hacker returns to attack a
computer, it has a different address. The hacker can't find it.
So, Martha, in Asheville, NC, wanted to know if she needed a firewall
for her dial-up. I'd say yes, although I don't think it's critical.
In addition to hiding computers, firewalls block outbound
transmissions. A dial-up computer could still get a malicious
program through spam. And that program could turn the computer into
a spam machine. A good firewall would block those transmissions.
My favorite firewall remains ZoneAlarm, which is free. You'll find
a link to it on my site at:
http://www.komando.com/bestshareware.asp
(From Kim Komando – July, 2004)
***
Free After Rebate
Want free
stuff? Check this site.
If you're thinking of buying something for your computer, check
for a rebate.
Free After Rebate
offers products that carry a 100
percent rebate.
With these deals, you pay for the product upfront. You then send in for
the rebate, which should take six to eight weeks to arrive. Now, make
sure that you follow the rebate's instructions to a T. Also, save
copies of anything you mail in for the rebate, just in case. I'm always
hearing about problems with rebates. You can find these deals here:
http://www.freeafterrebate.info/
***
More Free Software
There is some really good stuff here: Antivirus, Firewalls, etc.
www.komando.com/bestshareware.asp
***
WINDOWS AUTOMATIC UPDATES
Windows XP
can be set up to receive updates automatically:
--Click Start>Control Panel
--Double-click System
--Select the Automatic Updates tab
--Select "Automatically download the updates, and install them on
the schedule that I specify"
--Create the schedule using the two boxes
--Click Apply and OK.
Windows ME
--Click Start>Settings>Control Panel
--Double-click Automatic Updates
--Select "Automatically download updates and notify me when they
are ready to be installed"
--Click OK.
Windows 98 requires manual downloads.
Select the Windows Update
icon off the Start button. Or open Internet Explorer and click
Tools>Windows Update. In fact, all three Windows versions can be
updated manually that way.
Microsoft Office patches also require manual downloads. Get them
at:
http://office.microsoft.com/ProductUpdates/default.aspx. The
most recent patches are available there. The site includes a scan
engine. It will check your computer and tell you what you need.
(From Kim Komando - September, 2003)
***
WINDOWS MANUAL UPDATES
In Microsoft Internet Explorer click on
Tools / Windows Update.
Click on Express Install. (Or scan for updates,
depending on your
Windows version.) After your Widows scan, install any Critical
Updates.
***
Anti
Virus
Programs like MyDoom can do much more than attack Web sites. They can
be used to find credit card and Social Security numbers, passwords, and
other sensitive information on the zombie computers. They can then send
that information back to the people who wrote the virus.
Backdoor programs like MyDoom also are used as spam engines. They can
send millions of spam e-mails from infected machines. In most cases,
the owners never know. You could be spewing pornography to the world
without your knowledge.
This is very serious business. You must protect yourself. There's
really no reason to be snagged by this--or any other--virus. If you
take three simple steps, you'll be safe.
First, install anti-virus software. Then--and this is critical--go to
the manufacturer's Web site and download the latest update. It will
include code that can uncover the most recent viruses. Your anti-virus
software will be useless if it is out of date. Scan your computer with
the anti-virus program. If you are infected with MyDoom, the anti-virus
program will find it.
There are a number of anti-virus software companies. Four are: McAfee,
Symantec, Panda and Grisoft. The latter makes the free AVG program. The
others charge for their programs. Because you're paying the first
three, you'll probably get better service if you have a problem. Their
Web sites are:
http://us.mcafee.com/default.asp
http://www.symantec.com
http://www.pandasoftware.com
http://www.grisoft.com/us/us_dwnl_free.php
Free tools are available if you can't get MyDoom off your computer.
Find them at:
http://vil.nai.com/vil/stinger/ (McAfee AVERT Stinger removal tool)
http://snipurl.com/mydoomresponse (Symantec removal tool)
http://snipurl.com/48de (Panda Software removal tool)
The second step: Install a firewall. These programs hide your computer
from hackers on the Internet. Good ones also refuse to let backdoor
viruses communicate with the Internet. My favorite firewall is
ZoneAlarm, which is free. Get it through my site at:
http://www.komando.com/bestshareware.asp
Do not depend on the firewall built into Windows XP. It will not block
transmissions from backdoor programs. (This comment was prior to SP2)
If you have a network and a router, you may have a built-in firewall.
Check your router's documentation. Be sure the firewall has been
enabled and updated, if necessary.
Your last step should be updating Windows. Microsoft issues security
updates when vulnerabilities are discovered. Automatic updates are easy
in Windows XP, ME and 2000. Get the details at:
http://www.komando.com/tips_show.asp?showID=6086
Manual updates are also easy. The link to my site above explains
that, too. The manual update works with all versions of Windows,
including 98.
This is an unsafe world, and protecting yourself is your
responsibility. Don't let the bad guys take control of your computer.
Follow these steps, keep everything updated, and you'll be fine.
(From Kim Komando - February, 2004)
***
Firewalls
(See below for
more firewall information)
Q. Should I turn off ZoneAlarm BEFORE downloading and installing
SP2, or not?
A. Pundits may have made too much of potential conflicts between
ZoneAlarm (and other third-party firewalls) and the firewall in Windows
XP. Today's question arises because SP2 arrives with its firewall
turned on. Lots of people are concerned about potential conflicts.
You must leave ZoneAlarm (or whatever you are using) enabled while
downloading SP2. Otherwise, ping programs from intruders may well find
your computer and attempt to access it.
Once you install SP2 (and its enabled firewall), you can disable the
firewall. I doubt that the short time you have both running will result
in lasting damage.
The Windows XP firewall is easy to disable. Click Start>>Control Panel.
Double-click Windows Firewall. On the General tab, select Off. Ignore
the dire warnings. Click OK.
Of course, you can leave the XP firewall running and disable the third-
party program. To disable ZoneAlarm, double-click its icon in the
notification area (in the bottom right area of the desktop). In the
ZoneAlarm window, click the Preferences tab. Clear the boxes next to
"Load ZoneAlarm at startup" and "Protect the ZoneAlarm Client."
I don't recommend that, though. Third-party firewalls block
malicious programs that land on your hard drive from connecting
with the Internet. The XP firewall does not include that protection.
Microsoft believes anti-virus software should wipe out such programs.
I agree, but I like the firewall protection, too. So I'm sticking
with ZoneAlarm.
If you don't have ZoneAlarm, you can get it free through my site at:
http://www.komando.com/bestshareware.asp#firewalls
***
Pocketec Portable Hard Drive
Keep your files with you
Steve Geldman showed off his tiny
Pocketec portable hard drive during our PC Hazards meeting:
I work at both of my personal PCs (home and work) from the external Pocketec drive. Being USB, it's plug & play and automatically creates a new drive letter when plugged into a PC. My PC hard drives are only used for the operating system, programs and to backup the external drive.
My entire company's 'Documents and Settings' network folder is copied into the Pocketec each day. Included are individual Address Books, all emails, and personalized 'Favorites' used for web browsers. Buying a new PC or replacing a crashed drive would require minimal set-up time as you would not have to re-create everything.
Pocketec offers a 5" x 3" x
1/2" unit with capacities of
30 GB for $180
40 GB for $250
60 GB for $300
80 GB for $350
http://www.pocketec.net/ (August 2004)
***
A Free Office Suite...
OpenOffice.org is a free suite of office products.
It includes word processing, spreadsheet, presentation and drawing programs. You
can open and save in a variety of popular formats -- Microsoft Office, PDF, HTML
and others. The programs have the same look and feel as Microsoft Office, so
there's no big learning curve. It's a 63.9 MB file. Dial-up users can expect a
2½-hour download. Broadband users will have to wait about 20 minutes.
www.openoffice.org/
(From Kim Komando – May 2004)
***
The Experts at our August 24, 2004 Computer
Hazards meeting:
Pertel Communications, Bill Perry,
Bill@pertel.com
Cox
Cable, Andy Adams, Andy.Adams@cox.com
SBC DSL,
Gerry Teudt, gt1356@sbc.com
Cloud 80,
Jeremy Bowden, jeremy@cloud80.com
***
About Wireless LAN
Security (#1)
From the TOSHIBA website
Posted June 18, 2004
Following are some general recommendations for setting up security on a Wi-Fi wireless network, once it has been successfully established and tested. Since there are many different manufacturers of APs (access points) and wireless routers, this document is written in general terms, which may or may not apply to your particular wireless network. Access points and wireless routers typically ship in an unconfigured "vanilla" mode, which makes it relatively easy to set up a network. It is generally easier to perform the initial setup of a Wi-Fi network without having security features enabled. This will also simplify any necessary initial troubleshooting. Once your Wi-Fi network is up and tested, you should consider applying at least some of the security steps below, one at a time, testing each before enabling another.
Always set or change the default Network Name (SSID) to something that would be difficult for anyone to guess. To avoid confusion, try to select an SSID which is not in use by another nearby network. Keep in mind that SSIDs are case-sensitive, so they must match exactly on all access point and clients (computers, PDAs, other devices). The simplest approach is to use only lower-case letters, and numerals, for SSIDs.
Depending upon the user interface of the
access point, select "Close the Network", or check the box labeled "Do
not broadcast SSID". This will prevent Windows XP from reporting the
presence of the network on a client computer just because it is within range of
an access point. Only those clients which know the network's SSID will be able
to "see" the network.
The two measures above are often considered to offer a desirable minimum level
of security.
On a home network with just one or a few
computers, consider using MAC address
filtering. This is a method to limit access to your network to
only a few specified clients (computers, other devices). Each client's network
adapter (NIC) has a unique MAC (Media Access Controller) address. Access
points and wireless routers have MAC address tables into which you may add only
the MAC addresses of selected clients to which you wish to grant network access.
All other clients will be denied access to the network.
To determine the MAC address for a computer running Windows XP, click Start, and
then Run. At the Open prompt, type "CMD". This will open a 'DOS Box', and a
command prompt will appear. Type "IPCONFIG /ALL".
A table listing will appear, with entries for all network cards active on the
computer. Under the entry for the wireless network adapter, write down
the six pairs of numbers labeled "Physical Address". This is the MAC address of
this client's Wi-Fi adapter.
Refer to the manual for your access point or wireless router for the procedure
to enter MAC addresses into its table. It's generally necessary to enter them
in a strictly prescribed format (separated by commas, by semicolons, by colons,
or as a contiguous 12-digit number, for example). To close the DOS box, type
"EXIT" at the command prompt. Once you have enabled MAC address filtering, be
sure to verify that each client that you've listed is in fact able to access the
network.
Enable WEP encryption. The manual for your access point / wireless router will explain how to do this, and will specify the format for the WEP encryption keys (either characters, or hexadecimal numbers). These WEP encryption key values will also need to be entered into the Windows XP network properties page. For earlier versions of Windows, the encryption key values should be entered into the Toshiba Wireless Client Manager utility.
While all of the settings and methods
above can enhance the security of a Wi-Fi network, this list is not meant to be
exhaustive or exclusive. Network security, especially for wireless networks, is
a complex and continuously-evolving area of technology. Toshiba's support
specialists can help verify that the Toshiba products in your network are
working correctly, but general network and security troubleshooting is beyond
the scope of their training and charter.
If network security is an important issue for you or your company, consult with
a professional network security service to help insure that your security is as
good as the latest technology can make it.
***
About Wireless LAN
Security (#2)
4 Steps to Lock Down Your Wi-Fi Network
(From Kim Komando - 8/30/2004)
Wi-Fi is a popular way to network home computers. It's relatively inexpensive,
convenient and fairly simple to set up. But most users don't take the extra step
to lock it down. This can be a grave error.
Wi-Fi uses radio waves to transmit information. These waves can penetrate the
walls of your house or apartment. They are then up for grabs.
Hackers take advantage of unsecured Wi-Fi networks. Some, called war drivers,
drive around neighborhoods looking for open networks. Some are just keeping
score, but others may attempt to access your personal data.
By following four basic steps, you can keep your information safe and the bad
guys out.
1. Stop broadcasting to the world. By default, most access points send a short
message repeating the network's name. The network's name is called the SSID
(Service Set Identifier). Anybody who lives (or drives) nearby can easily detect
that
you have a wireless network, find its name and jump onto it. By disabling the
SSID
broadcast, you are no longer telling the world around you that you have a
wireless network.
Additionally, rename the SSID. Don't use your name or something easily
identifiable.
2. Change the password on your access point. Default passwords are common
knowledge.
If unchanged, it takes only minutes to figure out the proper password.
When you change the password, make sure you use a combination of numbers and
letters.
The most secure are alphanumeric combinations, such as 3nO7tY5. However, such
combinations are difficult to remember. At the least, try not to choose an
obvious password
(last name, street name, dog's name, etc.).
3. Use encryption. There are two standards of encryption. Wired Equivalent
Privacy (WEP)
is an older and less secure method. It uses a non-changing 64- or 128-bit key.
Although
it's not the best encryption, it is better than nothing.
Wi-Fi Protected Access (WPA) uses 256-bit encryption, which is much harder to
decode.
WPA is also dynamic--it's constantly changing. By the time a hacker breaks the
key, it
will have changed. If you're buying new gear, insist on WPA.
Even if you have old equipment, you may be able to get WPA through a firmware
update.
Firmware is software written on a chip inside a piece of hardware. Check your
manufacturer's Web site.
Encryption does have a downside--it can slow your network. But that is
preferable to a lack of security.
4. Enable Media Access Control (MAC) filtering. Media Access Control is an
address
assigned to each wireless card. All wireless devices have unique MAC addresses.
The address
includes six sets of paired characters and is usually printed on the back of
your wireless card.
MAC filtering tells your access point to grant access only to MAC addresses you
enter.
You can do your own security check after implementing these measures. Install
the free program
NetStumbler (http://www.netstumbler.com)
onto a laptop or PDA. This program will detect open
Wi-Fi networks. After installing the program, walk around the outside of your
house with your
portable to see what a hacker may see. It shouldn't detect anything.
Even after locking down your Wi-Fi network, it's still somewhat vulnerable. A
determined hacker
can eventually break down any security walls. But by taking preventive measures,
you can
make it difficult. Probably, the hacker will just move on.
***
For MAC Users -
Viruses Can Attack Virtual
PC
(From
www.komando.com October 20, 2004)
Q. I am a Mac user and have recently installed Virtual PC for Mac
onto my G5. I have learned that Virtual PC could be attacked by
viruses. Can you warn Mac owners?
A. Thanks for taking time to write. That's an excellent point! Use of
Virtual PC, which is made by Microsoft, could open you to attack from
the Internet.
Apple's Mac so far has been pretty impervious to viruses, Trojans
and other malware programs. Mac has a small market share, and the
criminals and vandals who write these programs generally have ignored
it. Some experts also consider the OS X operating system less
vulnerable than Windows.
Apple recently issued patches for a few potential problems. But
I know of no successful attacks on OS X.
Microsoft acknowledges that use of Virtual PC can open you to attack.
This is especially true if you are using Windows to access the
Internet, either to surf or download e-mail.
The Internet threat to Windows machines is very, very serious. If
you surf without protection, you will almost certainly be attacked.
I recommend that you stay away from the Internet with Virtual PC.
The Mac has excellent Internet tools.
However, if you must use it, I would install anti-virus software.
You can find free programs on my Web site at:
http://www.komando.com/bestshareware.asp#antivirus
There are many anti-virus programs that are sold at a reasonable
price. If you have problems, you are likely to get more support
if you buy a program. Three good makers are McAfee, Panda
Software and Symantec. They are at:
http://www.mcafee.com/us/
http://www.pandasoftware.com/home/default.asp
http://www.symantec.com/index.htm
In addition to buying anti-virus software, you must keep it
updated. This is a never-ending battle. Most makers allow you
to update their programs automatically.
You also need a firewall. These programs do two things: They make you
invisible to hackers' probes on the Internet, and they keep backdoor
attackers from communicating with the Internet if they get onto your
computer. Windows XP has a built-in firewall, accessible through
Control Panel (Start>>Control Panel). I do not recommend it, because
it does not block outbound transmissions. I prefer ZoneAlarm, which
is free and works well. Links to ZoneAlarm and another free firewall,
Outpost, are at:
http://www.komando.com/bestshareware.asp#firewalls
Thirdly, you must keep Windows updated. Do not assume that the version
of Windows that you have is up-to-date. New updates are issued
regularly. You must use Internet Explorer to update Windows. You can
make this process automatic in Control Panel. If your version of
Control Panel says "Pick a category," click on Security Center.
If Automatic Updates is not accessible through Control Panel, you
need Security Pack 2. In that case, open Internet Explorer and
click Tools>>Update Windows. Let Microsoft scan your computer,
then download all recommended security updates.
Don't forget that you can listen to me Monday through Friday
on hundreds of radio stations. Use the map to find me near you:
http://www.komando.com/findkimonair.asp
***
ActiveX and Cookies
(From
www.komando.com October 22, 2004)
Q. A friend sent me to:
http://www.cse.unsw.edu.au/~geoffo/humour/flattery.html
It appears harmless, but how do I know? Are viruses spread through Web
pages? Do firewalls keep them at bay? What besides cookies can they
deposit on your computer? Are cookies completely erased through the
Recycle Bin?
A. Wowee! Lots of good questions here! I hardly know where to start.
I looked at the Australian site. It seems harmless to me, and my
computer did not alert me to any downloads. But I think it is good
that you are concerned. Better cautious than sorry.
There was a time when users of Windows XP had to worry. Web sites could
download a control called an ActiveX component that could do all kinds
of damage. An ActiveX control could bring you a virus or virtually any
other kind of malicious program.
However, Microsoft took care of that in Service Pack 2. If you have XP,
and SP2 is installed, you'll get a warning. You would have to agree to
accept the control before it could be downloaded.
There are other programs that would protect you. If you have anti-virus
software running in the background, it probably would whack the
control. That's assuming the anti-virus program is kept up-to-date.
There are other programs, such as Spybot Search and Destroy and
WinPatrol, that warn you if a program attempts to write itself into
your Registry. Again, you would have to give permission. That offers
you at least partial protection.
If you have an earlier version of Windows, it will not warn you
when an ActiveX control is about to be downloaded. However, Spybot
and WinPatrol are available for those systems. And you should have
anti-virus software running. You can get Spybot and Winpatrol free
at, respectively:
http://www.komando.com/bestshareware.asp#spybot
http://www.winpatrol.com/
I don't want to frighten you unnecessarily. These downloads are
unusual. But such sites occasionally pop up. And a firewall will
not stop such a download.
In addition, unpatched versions of Windows have a flaw that allows
programs to be downloaded without your knowledge. That is a different
process, and a firewall would stop that. You definitely should have a
firewall, in addition to anti-virus software.
An ActiveX control conceivably could deposit a cookie on your computer.
A control's payload is likely to be more malicious, though, because
cookies are basically harmless. In fact, most are very helpful. They
make it possible to go to certain sites without entering a password,
for instance. The worst thing they can do is track your surfing and
report back to a computer on the Internet.
These are called tracking cookies, and they are a form of spyware.
Spybot Search and Destroy can be configured to block them. Some of my
employees prefer SpywareBlaster, another free program. You can get it
at:
http://www.javacoolsoftware.com/spywareblaster.html
You can completely erase your cookies in Internet Explorer. Click
Tools>>Internet Options. On the General tab, click Delete Cookies.
However, I don't recommend that, because cookies in general are good.
Even tracking cookies are relatively harmless, and can easily be
blocked. Should you get them on your computer, you can delete them with
Spybot or Ad-aware. You can get the latter at:
http://www.komando.com/bestshareware.asp#adware
***
The Google Desktop Tool
(From
www.komando.com October 23, 2004)
Last weekend, I told you about a new cool tool from Google that indexes
information on your hard drive. The information indexed includes e-mail
that you read through Outlook, Outlook Express and Internet Explorer.
It also makes chat sessions, Word, Excel and PowerPoint files easy to
find on your hard drive. I've tried a bunch of desktop search tools
over the years. This one is tops. The Windows search has always been
lame and a huge time-waster.
I believe it's safe for you to install it and use on your home
computer. The information contained on your hard drive is not sent back
to Google. It remains on your hard drive.
Now, there is a downside if you share a computer with someone and don't
use different Windows profiles or accounts to use the system. If you,
for example, forgot a password to a Web site and had it emailed to you,
a copy of that e-mail is accessible to someone using the computer. The
next release of the search tool is supposed to have more privacy
controls. You might want to wait until then to install it.
And wouldn't you know it that the bad guys have found the Google
Desktop Search to be a tool that they can use? I heard from a Kinko's
employee who said that scammers and thieves are installing the Google
program on places like copy shops, Internet cafes and libraries where
you can use public computers. Why? They can go back later and see what
people typed at secure Web sites, in e-mail and in chat sessions.
So, as always, be careful what you do when using a public computer.
Forget doing anything confidential. And if you are using a public
computer, look for a multicolored swirl in the system tray at the lower
right corner of the desktop. That means the Google Desktop search
software is running. Turn it off by right-clicking the swirl.
You can learn more and download Google's Desktop tool here:
http://desktop.google.com
***
Firewalls - What You Need to
Know
(From
www.komando.com October 23, 2004)
It only takes 20 minutes on the Internet for an unprotected computer
running Microsoft Windows to be taken over by a hacker. Any personal
or financial information stored on that computer is ripe for the
taking--passwords, bank accounts, credit card numbers, and more. A
firewall is your first line of defense and works, so long as it is
used properly.
Firewalls hide your computer or network from Internet threats. They
can be either hardware or software.
Hackers use programs that roam the Internet and search for open
computers. They do this by sending information to IP addresses.
If the IP address (the location of your computer) is unprotected,
a message is sent back to the hacker. The hacker knows your computer
can be infiltrated.
Hardware and software firewalls prevent this from happening by only
accepting requested information. For example, every time you type in
a Web address or access the Internet, you are requesting information.
If you type in my home page (www.komando.com),
a request is sent
to my Web site's server.
The server acknowledges the request and sends the information, and
your computer displays it. Since your computer made the request, the
firewall lets the information through.
This is a great first step to protecting your computer, but it's not
enough. What happens if a malicious program gets onto your computer and
requests information without you knowing it? Trojans can be downloaded
with a free program, or they can get onto your computer via an e-mail
attachment. A hardware firewall won't stop them because your computer
is initiating a request.
That's where a software firewall comes in. It alerts you with a pop-up
message whenever a program tries to access the Internet. If it's a
valid program, such as Internet Explorer or Outlook, you tell the
firewall to allow access. If it's an unknown or suspicious application,
you can block it.
This can get confusing. You'll be amazed at the number of programs that
need Internet access. Sometimes, your music player needs access to
online databases when playing CDs or MP3s. Other programs automatically
log onto the Net to check for software updates.
After installing a software firewall, you'll initially get bombarded
with messages. If you recognize the program name, grant it access. If
you don't, deny access and then look up the name on the Internet.
There are a number of free and pay software firewalls. Windows XP has
a built-in firewall. This firewall works much like a firewall on a
router. It's able to shield your computer from hackers trying to get
in, but it does nothing if you have a Trojan trying to get out.
So I recommend a good third-party firewall. Several companies market
free for personal use software firewalls, including Agnitum's Outpost
(http://www.agnitum.com) ZoneAlarm (http://www.zonelabs.com).
Firewalls
are also available from McAfee (http://www.mcafee.com)
and Symantec
(http://www.symantec.com) for under $50.
Mac OS X has a built-in firewall similar to the one included
with Windows XP. If you want something better, check out offerings
from Intego (http://www.intego.com; $59.95)
and Symantec
(http://www.symantec.com; $69.95). So far,
Macs have not been targeted
like Windows machines, so the situation there is much less dire.
Firewalls are just one part of a bigger equation in computer security.
You still need anti-virus software, and Windows updates. All work in
tandem to keep the predators out.
***
Firewalls - Yes, they are needed
on networked computers
(From
www.komando.com November 20, 2004)
Networking is wildly popular among homeowners. Many homes today have
two or more computers, and folks want them all to go through a single
Internet modem. But they're concerned about security, too. Many
don't know which firewalls to install, if any. And they often confuse
the functions of firewalls and anti-virus programs.
This week, I received an e-mail from Dave, an Arizona trucker. He has
a network, with a firewall on the computer attached to the router.
His question: Does he need firewalls on his other computers?
It probably isn't critical, but I vote for putting firewalls on all
the computers. Top-notch firewalls perform two functions: They keep the
bad guys from seeing your computers, so they can't target them. And if
something gets on your computers, they keep it from sending your
private information back to the Internet.
Routers for home networks normally have firewalls built-in. They do
a good job of hiding computers. But they don't usually block outbound
transmissions. So I recommend that you install software firewalls on
all of your computers, to back up the router's firewall. I have
recommendations for free products at:
http://www.komando.com/bestshareware.asp
You need an anti-virus program on every computer, too. Most viruses
arrive via spam. A firewall is defenseless against that, unless it has
anti-virus protection built-in. So anti-virus programs and firewalls
are complementary.
Security experts have a favorite phrase: Security in Depth. Better too
much than not enough.
***
New Computer Setup
(From
www.komando.com December 22, 2004)
Setting up your computer actually involves two things: securing it from
attacks, and transferring your information from the old computer.
Today, I'm going to address security, since that is the more pressing
issue. I'll deal with transferring your data tomorrow.
The Windows systems distributed with new computers now
should include Service Pack 2. So they will be relatively well-
protected out of the box.
However, I would assume the worst and attack potential security
problems head-on. Here are the steps I would follow:
--Before going online, activate the Windows XP firewall. Click
Start>>Control Panel. Double-click Windows Firewall. On the
General tab, select On. Click OK. If you get a blue window in
Control Panel that says "Pick a Category," click Switch to
Classic View on the left side. Follow the above instructions.
With the firewall set up, you'll be protected from any immediate
threats. Viruses cannot attack you unless you open spam and let
an attacker in. Use your common sense.
--If anti-virus software came with the computer, use it. Most come
with a free trial period. Open the program so that it is running in
the background. While you will not be able to update it until you
sign on to the Internet, it's better than nothing.
--Double-check your file sharing. This can be a weakness. Click
Start>>Control Panel. Double-click Network Setup Wizard. If that is
not in Control Panel, click Start>>Help and Support. Put "Network Setup
Wizard" in the box and press Enter. Click Network Setup Wizard in the
left panel.
When the wizard opens, follow its steps. File sharing appears several
pages into the wizard. It is normally disabled by default. If it is
enabled, disable it.
--Set up your Internet service. Call your Internet service provider for
instructions. Have the ISP walk you through any settings.
--Go on the Internet and open Internet Explorer. Click Tools>>Windows
Update. Let Microsoft scan your computer. Install High Priority
Updates. Follow Microsoft's instructions exactly, including reboots
of the computer when necessary.
--Download a new firewall. A firewall should do two things: hide your
computer from intruders' probes and keep malicious programs on your
computer from contacting the Internet. I do not recommend the Windows
XP firewall because it does not do the latter.
There are free firewalls that do both jobs well. I have links to
ZoneAlarm and Outpost on my site. I use and recommend ZoneAlarm.
You can download either at:
http://www.komando.com/bestshareware.asp
Once ZoneAlarm or Outpost is installed and running, disable the
Windows XP firewall. Two firewalls can conflict with one another.
Click Start>>Control Panel. Double-click Windows Firewall. Select
Off>>OK. Ignore any warnings.
--If anti-virus software came with the computer, these are generally
pay programs with a 90-day tryout period. If you plan to continue to
use this anti-virus program, YOU MUST BUY A SUBSCRIPTION. This is
critical. An out-of-date anti-virus program will not protect you.
Set up the program for automatic updates.
If you want a free anti-virus program, go to my site and download
either AVG or Avast! anti-virus software. You'll find them at:
http://www.komando.com/bestshareware.asp
Once downloaded, update the program on the manufacturer's site. Set up
the program for automatic updates.
Afterwards, delete the tryout program. Click Start>>Control Panel.
Double-click Add or Remove Programs. Find the anti-virus program
in the list and click Remove or Change/Remove.
--Download an anti-spyware program. The programs that I recommend--
Spysweeper, Ad-aware and Spybot-Search & Destroy--are available on my
site at:
http://www.komando.com/bestshareware.asp
The anti-spyware program should be run weekly. Always update it
first, including the first time you run it. Like viruses, spyware
is an ever- evolving pest. You must keep the anti-spyware program's
database updated, so it can find the latest threats.
--Change to the Firefox browser. This is optional. I recommend Firefox
because it is more secure than Internet Explorer. If you know how to
use Internet Explorer, you'll have no trouble learning Firefox. You
can download it at: http://www.mozilla.org/
***
Moving data to a new
computer
(From
www.komando.com December 23, 2004)
This transfer is easier today, but it still is not the snap it should be.
There are a number of programs made for this purpose. The best known is
AlohaBob PC Relocator ($30). AlohaBob picks up your data, settings and
individual programs and moves them to the new computer. A $70 version
gives you more control over what is moved.
Other programs in this class include Move Me ($35), Desktop DNA
Professional, ($39), and IntelliMover ($50). Following are the
links to all four, respectively:
http://www.eisenworld.com/ProductsHome.asp?Item=2
http://www.spearit.com/
http://www.miramar.com
http://www.detto.com
Windows XP also has a transfer utility. It won't move programs, but it
will handle your data and system settings.
The utility is called the Files and Settings Transfer Wizard. To find
it, click Start>>All Programs>>Accessories>>System Tools. If you use
this wizard, and you're not on a network, you can use a null modem
serial cable. You should be able to find that at an electronics
store for less than $15.
I have used relocation programs successfully in the past. But members
of my staff have had bad experiences with them. They generally ended up
transferring their data via a CD or DVD.
Most people keep their personal files under my documents. In that case,
you can just burn the whole My Documents folder to a disc.
You may have other things, such as saved e-mail, that is not kept in
the My Documents folder. In some programs, such as Microsoft Outlook,
you can easily export your archived mail, contacts and other folders
to a file. You can then burn the file to a CD or DVD and move it to
the new computer. You also could e-mail it to yourself if it isn't
too big.
To export files, click File>>Import and Export. Follow the wizard.
Outlook Express is more difficult. You can export the Address Book
(File>>Export>>Address Book). You also can export your accumulated
messages, but only to Microsoft Outlook or Microsoft Exchange. That's
not much help if you don't have those programs.
However, you can copy the mail folders. To find them, open Outlook
Express. Click Tools>>Options. Select the Maintenance tab. Click
Store Folder. A small box will pop up with the path to your mail
folders. Highlight the path and click Ctrl+C to copy it. In Windows
Explorer, use Ctrl+V to paste it into the Address Bar. That will
open the folder, which will have several files in it, ending in "dbx."
Copy the files. Burn them to a disc or e-mail them to yourself. Use
the same process to find the proper folder on the new computer. Paste
the files into that folder.
Your Favorites can also be exported from Internet Explorer. Click
File>>Import and Export. Follow the wizard.
You can use the same process to save your cookies. If you fail to
do that, you'll have to re-enter your passwords on those Web sites
that require it. Also, merchants won't be able to fill in credit card
fields for you automatically. That's not the end of the world; moving
the cookies is a minor convenience.
Bookmarks also can be moved in Firefox. Click Bookmarks>> Manage
Bookmarks. In the new window, click File>>Export. Save the file
and burn it to a disc. If you still have Internet Explorer on
your computer, use it to export cookies to a file. If not, copy
the cookies and paste them into the new computer. Find the cookies
at these locations in Windows Explorer:
Windows 98 and ME--C:\Windows\Cookies
Windows 2000 and XP--C:\Documents and Settings\[your name]\Cookies
Have patience with this task. It will take some time!
***
Security Tips from Kim
Komando
December 25, 2004
Avoid Becoming a Victim of Laptop Theft.
If your first priority is keeping your laptop from sprouting legs,
check out http://www.komando.com/tips_show.asp?showID=8198
What Does a Firewall Do?
If your computer is homebound, you have another kind
of theft to worry about. It's called identity theft. Your computer is
loaded with information that can fall into the wrong hands. Learn about
computer piracy and privacy by reading
http://www.komando.com/tips_show.asp?showID=8163
Modem Hijacking
To beat
the bad guys at their own game, refer to
http://www.komando.com/tips_show.asp?showID=8082
Using the HOSTS File to Block Spyware
is a good idea. Read it here:
http://www.komando.com/tips_show.asp?showID=8083
Steps to Lock Down Your Wi-Fi Network
If you have a wireless network, you need to fix the current security
settings, as revealed in
http://www.komando.com/tips_show.asp?showID=8080
Security Issues from a Shared Computer
Maybe you're into networking. You'll sleep better at night after
checking out
http://www.komando.com/tips_show.asp?showID=8276
Three Ways to Protect Your Company Network
http://www.komando.com/tips_show.asp?showID=8143
***
AVG e-mail problem
(From
www.komando.com January13, 2005)
Q. I used to receive your tips and cool site e-mails. But since
I upgraded to AVG 7, I'm not getting any e-mails. What's up with
this? Thanks! I love your site and show!
A. In case you are new, AVG is a free anti-virus program. I use it
on my home computer. It works well.
AVG's newest version of its free anti-virus program is 7. The company
stopped supporting version 6 at the end of 2004. The new program is
available at:
http://free.grisoft.com/freeweb.php/doc/2/
The new version is set up to handle Microsoft Outlook and Eudora
e-mail. According to the company, AVG 7 must be configured to scan
other e-mail programs.
The company further says that failure to configure the program could
result in customers not receiving any e-mail. So that sounds like
your problem.
AVG has a configuration wizard on its site. Use that for step-by-step
instructions. The wizard must be followed exactly. You'll find it at:
http://www.grisoft.cz/us/us_ts_wizard.php
Version 7 also can be configured to ignore the e-mail. That's not
a good idea, since most malicious programs are distributed via spam.
However, you could stop e-mail scanning as a last resort. To do that:
-- Right-click the AVG icon in the Notification Area of the desktop
-- Click Launch AVG Control Center
-- Double-click the E-mail Scanner box
-- On the Plugins tab, click Configure
-- Clear the boxes marked "Check incoming mail" and "Check
outgoing mail"
-- Click OK>>OK.
***
Sweet Internet security suites
(From ZDNet January 28, 2005)
Mixing and matching antivirus and firewall protection requires too much work.
You want one suite of apps that'll give you antivirus protection, firewall
blocking, and Internet privacy, plus offer additional privacy protection. Robert
Vamosi compares three popular suites.
SEE FULL REVIEWS
***
Use the HOSTS File to Assist
Privacy
Everyone likes to be a good host, but bad guests get carried away. They’ll stay
too late or empty bottles too soon. They could even break something along the
way. That’s why you take precautions as a host.
Think of your Windows HOSTS file in the same way. By properly setting up your
HOSTS file, you can save yourself grief from bad Internet visitors. This is done
by circumventing the source of pop-up ads and banners.
Keep this in mind: A proper HOSTS file is just one of many defenses needed to
thwart unwanted Web visitors. You still need virus protection, ad blockers and
spy scans to bar the bad stuff. You also need them to detect any currently
lurking on your computer.
The Preliminaries
The HOSTS file resides in your Windows folder, or a subfolder, depending on
your Windows version. The domain names and Internet Protocol (IP) addresses of
other computers can be listed there. So, the HOSTS file can act as an address
book when your computer wants to call another machine.
The Problem
Advertisers use your surfing habits to target products that match your
interests. That’s why pop-up ads, banners, adware and spyware have become so
invasive.
The HOSTS file works like this. When you type a Web site into your browser--say,
www.komando.com--your browser first checks the HOSTS file for the IP number. If
the HOSTS file contains this address, your computer stops looking and “calls”
the number. If not, your computer goes to the Internet and finds the IP number
there.
Spyware works the same way. So you can use the HOSTS file to trick the spyware.
The Patch
This is actually pretty simple. Redirect the connection back to your own
computer. To do that, put the spyware entry in the HOSTS file. The entry looks
like this:
127.0.0.1 www.badnews.com
So let’s say that spyware on your computer is trying to contact the Bad News
Advertising Co. It tries to go to www.badnews.com. Your computer first goes to
the HOSTS file, looking for the IP number. Sure enough, it is there. But the
number (127.0.0.1) is your computer, not the address of the Bad News Advertising
Co. Because it is your computer, the request simply dies. The spyware is
marooned inside your computer.
Windows comes with a HOSTS file, but there is only one line in it:
127.0.0.1 localhost
Localhost is your computer. To make the HOSTS file a worthwhile spyware fighter,
you would have to enter hundreds of evil domain names, such as www.badnews.com,
along with your IP number (127.0.0.1). Fortunately, there’s another way. Custom
HOSTS files are available on the Web. You can get a good one at:
http://www.mvps.org/winhelp2002/hosts.htm
Can the spyware people get around this? There are ways. But so far, at least,
they haven’t bothered. If you install a HOSTS file, along with programs to block
and eradicate spyware, you’ll be much more secure. You can find programs to
block and eradicate spyware on my site at:
http://www.komando.com/bestshareware.asp
Stick with me. We can defeat these people.
(From www.komando.com 050205)
***
A Custom Hosts File
Is Necessary
Q.
Awhile back, you recommended downloading a custom HOSTS file. It contained about
4,000 entries. Recently, I read it’s better to have only a few entries in the
HOSTS file. A large HOSTS file can slow the loading of Internet files. So I went
back to my original HOSTS file. And now my connection is really fast. Is there a
disadvantage to using the original HOSTS file?
A. Yes, yes, yes! There’s a huge disadvantage to using the original HOSTS file. You’re compromising your security.
A custom HOSTS file is another tool to protect your computer from malicious programs. When used correctly, it will keep you away from dangerous sites.
First, let me explain the HOSTS file for readers who don’t understand it. The file contains IP (Internet Protocol) numbers associated with Web sites. Each Web site is identified by an IP number. For example, mine is 66.210.246.140. This number is the site's address.
IP numbers are difficult to remember. So Web sites use a name instead. Mine is www.komando.com. However, when the name is entered in a browser, it has to be converted to an IP number. The DNS (Domain Name System) associates the name with the site’s IP number.
When you enter a name in your browser, it first goes to your HOSTS file to find the IP number. That file is normally empty, or nearly so. Not finding the number there, it goes to a domain name server. It continues to query servers until the number is found, or it establishes that there is no number.
The HOSTS file can be manipulated to block malicious sites or ad servers. To do this, you list the name of the Web site you want to block. With it is listed the IP number 127.0.0.1. That is the number of your computer. Doing this has the effect of short-circuiting the request. The request just dies.
This actually can make your computer faster. When you open a Web site, the files that you want to see are downloaded from that site. But other files, usually for advertising, have to be opened from other computers. When those requests die in your computer, the page opens, minus the ads.
The HOSTS file also protects you from spyware on your computer. These programs use the browser to report your surfing habits back to a computer on the Internet. Requests to go to the Internet computers will be blocked by a good HOSTS file.
So a custom HOSTS file has an important security role.
It is true that a large HOSTS file can slow Web surfing in Windows XP and 2000. Earlier versions of Windows are unaffected. This can be remedied by turning off your DNS Client.
The DNS Client stores a list of IP numbers for Web sites you’ve visited. The computer searches the stored list before contacting the DNS server. Your computer is slow because it’s searching through this cache AND the HOSTS file. The HOSTS file is necessary. The cache is not.
To change this, click Start>>Run. Enter “services.msc” (minus quotes) in the box. Right-click DNS Client and select Properties. Click the down arrow beside “Startup type” and select Manual. Click Apply. Click OK and restart the computer. This keeps the DNS Client from loading at startup.
If you don't have a custom HOSTS file, you can download a free one. I use one maintained by Mike Burgess.
A HOSTS file complements
your anti-virus and anti-spyware software. It does not replace them. If you need
anti-virus and anti-spyware programs, you'll find free ones
on my shareware page. You'll find free firewalls on the same page.
Protecting yourself requires a mix of programs.
(From
Kim Komando, May 5, 2005)
***
Clean the hard drive
when disposing of a computer
On the show last week, I
discussed how a computer should be purged
of personal information when you dump it. Lots of people wanted more
information about that, and since I aim to please, here you go!
The problem: Simply deleting personal files does not erase them.
They remain on the hard drive, where they can be accessed with
specialized software. That's a good way to have your identity stolen.
The best answer is to remove the hard drive and destroy it. But you
can't do that if you're giving away the machine. So you need to
overwrite the hard drive in such a way that nothing can be recovered.
I wrote a column for Microsoft's Small Business site about this
situation. You'll find it free for the taking and sharing at:
http://snipurl.com/93l2
(From
www.Komando.com Feb 26, 2005)
***
Clean out
your registry
By
Jason Parker: Contributing Editor, Downloads Tuesday, December 21, 2004
As a frequent
downloader of new software, I try out a ton of programs on my PC. But after
installing and uninstalling so many programs, it doesn't take long for my
registry to become a complete mess, causing errors, sluggishness, and sometimes
crashes. The problem is that not all programs uninstall as easily as they
install, and often, registry entries are left to stagnate in your system where
they may eventually cause problems.
To keep my registry lean and mean, I run a quick scan of
registry entries using software designed to root out the garbage left behind by
uninstalled programs. These apps check my registry for rogue entries so that I
can decide whether I want to delete them. Some programs also give me a
description of what specific registry entries were once used for, thereby
allowing me to decide whether I still need them.
A word of warning: Be extremely careful when deleting files
from your registry. Some entries have strange names that you won't be able to
identify but that might be necessary to run your favorite program or even your
system software. A good rule of thumb is to delete only entries that you are
sure are related to programs you no longer use. With that said, here are my
three favorites for regular registry maintenance.
Registry Medic does a comprehensive scan of registry entries, looking
for the files and programs that they're associated with. This app gives you
plenty of details on each entry it can't find a parent for, but with the
shareware version, you can fix only five entries at a time. However, it might be
worth $29.95 for the extra details you get. (Shareware/Windows)
Registry Mechanic lets you use a Windows Explorer-like interface to scan
for registry problems. Registry Mechanic gives you a list of possible culprits
that you can selectively delete. You can also back up your whole registry and
delete all of the problem files. I like the second option because it requires
less fuss, and I can always bring back the whole set if something isn't working
correctly. (Shareware/Windows)
CCleaner (Crap Cleaner) was made to clean your Internet history and
temporary files, but it includes a nice registry cleaner as well. It also lets
you save a copy of your registry so that if you run into problems after
cleaning, you can revert back to a working configuration. (Shareware/Windows)
Even if you feel pretty good about the way your PC is running
now, I still suggest you pick up one of these apps as a preventive measure.
Eventually, every registry needs a good cleaning, and these apps do the job
nicely.
--------------------------------------------------------------
This story was printed from
Anchordesk, located
at
http://reviews-zdnet.com.com/AnchorDesk/.
--------------------------------------------------------------
(I have used CCleaner myself
for two years with good results. DM, January 2007)
***
.ZIP Files Knock Big Things Down
To Size
(From
www.komando.com April 30, 2005)
The .ZIP file is one of several compression
types. Using it, you can
reduce files to a fraction of their uncompressed size. This has been a
boon for the Internet, where big files are spelled s-l-o-w.
.ZIP files date to 1989. They use a compression algorithm that looks
for redundancies in a file. For instance, it might find a phrase
repeatedly. It can substitute a number for that phrase. And in fact, it
finds many redundant words and phrases that can be removed.
After downloading a .ZIP file, you have to decompress it. Windows XP
includes a .ZIP decompressor. In earlier Windows versions, you must use
another program. The best-selling independent decompression program
today is WinZip. But the first, and most famous, was PKZip.
PK stands for Phil Katz. He developed PKZIP in the 1980s, after an
acrimonious lawsuit over another program, PKARC. PKZIP quickly
became the standard for compression programs. However, Katz was
slow to develop PKZIP for Windows, and it was surpassed by WinZip.
There are many .ZIP programs around today. Windows XP includes
built-in support. Thank goodness for that.
If you're using an earlier version of Windows, WinZip ($29) and PKZIP
($39) can be used to create .ZIP files, as well as open them. If you
just want to open files, try StuffIt Expander, which is free. You can
get them at, respectively:
http://www.winzip.com/
http://tinyurl.com/7m694
http://www.stuffit.com/win/expander/index.html
***
Six steps to help secure your brand-new PC
By
Kim Komando
There's nothing like cracking open the box of a brand new computer.
But don't be so quick to just connect it all up and hop right on the
Internet.
According to the software
security company Symantec, it takes only
20 minutes for an un-patched and unprotected computer to be attacked
once connected to the Internet.
In that time, your
pristine computer could be turned into a zombie.
Zombies are machines that have been secretly taken over by
hackers. The zombie networks are leased to criminals who use
them to send spam or attack Web sites.
Some criminals want to
put keyloggers on your computer, to steal
passwords, credit card numbers and other sensitive data. There
are plenty of vandals out there, too, who want to destroy your
data for fun. And advertising outfits, many shady, hope to put
spyware on your computer. With that, they will track your surfing
and bury you with ads.
Compromised computers are
found in homes, businesses and
government offices. To make sure you aren't victimized, here are
six steps you must take to secure your computer and the network
on which it runs.
1. Install a firewall.
If you are running a network
and sharing a broadband connection,
you probably have a firewall built into the router.
But that's not enough. Most
routers used in small businesses
utilize a Network Address Translation (NAT) firewall. Basically,
it hides all of the computers in the network. It protects you from
outsiders trying to get in.
Windows XP's firewall works in
a similar fashion. It's able to
block incoming traffic but not outgoing data. To turn it on click
Start > Control Panel > Windows Firewall. Click the circle next
to "On" and click OK. Note that if you have updated your
operating system to
Windows XP Service Pack 2, the firewall
already is enabled.
The most secure method is to
have a third-party software
firewall in addition to the firewall on your router. It provides an
extra layer of protection by alerting you to outbound traffic.
Anytime a program tries to access the Internet, the user will be
alerted. If it's a valid application, such as Internet Explorer,
Outlook, and so on, the user grants it access to the Internet.
If it's an unknown application, such as a worm, you can block it.
My favorite third-party firewall is ZoneAlarm (www.zonelabs.
com), which is free.
You're not ready to go onto the
Internet just yet, so download the
firewall onto another computer, save it on disk and install.
Even if you're not using a broadband connection, you still
should
install a software firewall. Hackers are greedy. They will infect or
take over any computer — even ones with a slow Internet
connection.
Safer computing starts with Windows XP Service Pack
2, a free upgrade
Windows XP SP2
brings users the latest security updates and
innovations from Microsoft. Here's how to get it. 
More
2. Disable file
sharing.
Before you go onto the
Internet, disable file sharing. It's one thing
to share your sales presentation with others in your office. It's
another to share it with the entire Web community.
In Windows XP Professional, file sharing is turned on by default.
To disable it, click Start > My Computer. Click Tools > Folder
Options. Click the View tab. Under Advanced Settings, scroll to
the bottom and uncheck the box next to Use simple file sharing
(recommended). Click Apply > OK.
If your new computer came with
Windows XP Service Pack 2
installed, click Start > Control Panel. Click Security Center >
Windows Firewall. Click the Exceptions tab. Under Programs and
Services, uncheck the box next to File and Printer Sharing. Click OK.
3. Install antivirus software.
This may seem as obvious as the
others, but it's oh, so important.
Many new computers have a trial version of an antivirus program
already installed on the computer. That doesn't mean it's ready
to go. You still need to update the definition files.
To update the definition files,
you'll need to access the Internet.
Since you've turn off file sharing and installed a firewall, you
should be safe.
Remember that trial versions of
antivirus software are only good
for a short time, usually 30 to 90 days. The trial version will then
continue to run on your computer, but its antivirus definitions
will be out-of-date. Outdated definitions offer nothing but a false
sense of security.
4. Modify your HOSTS file.
Setting up your HOSTS file will
prevent spyware and any kind of
"malware" (short for malicious software) from communicating
outside your computer. This allows you to surf the Net anonymously.
Countless numbers of hackers,
vandals or unscrupulous marketers
would love to hijack your Web browser or give your computer some
nasty worm. Sometimes malware is bundled with shareware and
freeware. Other times it can get on your computer by opening an
infected file.
"Tracking cookies" get on your
computer from Web sites and even
online ads. They track your Web surfing habits and report back.
This helps the ad servers know which ads to place on your
computer.
Fortunately, there is a list of
known malware and ad servers that
want to communicate with your computer. Enter the domain
name for the known offenders and your computer's address
(127.0.0.1) in the HOSTS file. All attempts to contact the mother
computers on the Internet will lead back to your local computer.
The requests will die.
You don't have to enter the
possible offenders manually. Such
files are available on the Internet. You can find an updated one
with installation instructions at this URL:
www.mvps.org/winhelp2002/hosts.htm
It's important to check often
for updates to the HOSTS file,
because the list of offenders is growing fast.
5. Keep your Windows system updated.
Even if your computer comes
with Windows XP Service Pack 2
(SP2) already installed, you still need to update Windows.
Although SP2 contains a multitude of critical updates, more have
become available since its release.
Update Windows by clicking Start > All Programs > Windows
Update. You may have to restart your computer after some
updates. Keep going to
Windows Update until there are no more
updates to be installed.
If your computer did not come
with SP2 installed, you can download
it. Or you can order SP2 on CD for free. The same CD can be used
on multiple computers. Visit
this page to order the CD from Microsoft.
6. Stop spyware before it takes root on
your PC.
Spyware collects information
about your interests and then uses
that information to display advertising.
Take preventive measures by
downloading and installing
SpywareBlaster (www.javacoolsoftware.com/spywareblaster.html).
It's a free program and prevents most spyware from being
installed on your computer.
Another program, Spybot Search
& Destroy
(www.safer-networking.org/en/spybotsd/index.html
) prevents
spyware and adware from being installed on your computer by
immunizing it. It also has the ability to remove adware already
installed on your computer.
Spybot Search & Destroy also
has a tool called TeaTimer. Tea
Timer monitors changes to specific keys in your registry.
Whenever a change is detected, a pop-up will alert you and ask
if you want to allow or deny the change. To enable it click Mode
> Advanced. Then click Tools > Resident. Check the box next to
Resident "TeaTimer" (Protection of over-all system settings)
active. Also, make sure the box is checked next to Resident
"SDHelper" as well.
The makers of Spybot Search &
Destroy recommend that you
run SpywareBlaster in tandem with Spybot Search & Destroy.
Now that your computer is as
locked down as much as possible,
you should be safe to set up your e-mail account for the
computer and surf the Net.
Take this time to check the
other computers in the office. Make
sure your Windows and Microsoft Office software are updated.
Make sure antivirus programs are up-to-date. And check for
spyware.
This may sound alarmist. But
these security steps are very
important. By setting up your computer properly, you can
feel confident that your computers and network are as safe
as possible.
Kim Komando
Kim Komando writes about workplace technology and security
issues. She's the host of the nation's largest talk-radio show
about computers and the Internet, and writes a syndicated
column for more than 100 Gannett newspapers and for USA
Today. Find
Kim's show on the radio station nearest you, and
send an e-mail to subscribe to her free weekly e-mail newsletter.
For customer support options, tailored business advice, and a
single point of access for Microsoft's small-business solutions,
see the
Microsoft Small Business Center home page.
http://www.microsoft.com/smallbusiness/issues/technology/security/6_steps_to_help_secure_your_brand_new_pc.mspx
***
Recovering from a Trojan
Horse or Virus
Michael D. Durkota, US-CERT
From
http://www.us-cert.gov/reading_room/trojan-recovery.pdf
(May 2005)
It can happen to
anyone. Considering the vast number of viruses and Trojan horses traversing the
Internet at any given moment, it’s amazing it doesn’t happen to everyone.
Hindsight may dictate that you could have done a better job of protecting
yourself, but that does little to help you out of your current predicament. Once
you know that your machine is infected with a Trojan Horse or virus, what can
you do?
If you know what specific malicious program has infected your computer, you can visit one of several anti-virus web sites and download a removal tool. Chances are, however, that you will not be able to identify the specific program. Unfortunately your other choices are limited, but the following steps may help save your computer and your files.
1. Call IT support
If you have an IT support
department at your disposal, notify them immediately and follow their
instructions.
2. Disconnect your
computer from the Internet
Depending on what type of Trojan horse or virus you have, intruders may have
access to your personal information and may even be using your computer to
attack other computers. You can stop this activity by turning off your Internet
connection. The best way to accomplish this is to physically disconnect your
cable or phone line, but you can also simply "disable" your network connection.
3. Back up your
important files
At this point it is a good idea to
take the time to back up your files. If possible, compile all of your photos,
documents, Internet favorites, etc., and burn them onto a CD or save them to
some other external storage device. It is vital to note that these files cannot
be trusted since they are still potentially infected.
4. Install an anti-virus program and scan your machine