Computer and Internet Safety

Computer and Internet Safety
Computer and Internet Safety
In This Article
 A firewall blocks or permits traffic
 Hidden file extensions pose serious threats
 Keep anti-virus software and operating systems up to date
Today people use the Internet to see what movie is playing, shop, do homework, pay bills and for
banking and financial transactions. For many of us, email has not only taken the place of postal mail
but also replaces many telephone calls. There is an increasing group of Internet users who have
direct connections to the Web through cable modem, T-1, or DSL, which means they are connected
24 hours a day, 365 days a year. For the most part, these types of connections are wonderful, as the
computer is always “on." This offers convenience and speed for everyday use.
However, there are several drawbacks to being continuously hooked up to the Internet. Some Internet
Service Providers (ISPs) are neglecting to tell you just how vulnerable you might be to being hacked
or otherwise attacked while connected to the Internet. This hook up allows for a greater risk of
exposure of any personal information on your computer. This type of connection also can be
exploited by unscrupulous outsiders to utilize your computer as a ghost station, i.e. storage of data
that is not yours, sending out spam emails or forwarding viruses.
The Internet is just like the rest of the world. It is populated with the same kind of people society deals
with on a daily basis. This includes criminals and those who simply wish to create havoc and chaos.
In the past, these people might have gotten a kick out of hacking a company’s homepage or website
in order to change some graphics or leave a personalized “tag” on the site. The object was simply to
prove you had the skill to “break into” another computer. Today, however, there are greater risks
presented by the intentions of the criminals and computer hackers. Computer and database breaches
have become more criminally focused.
Leaving your computer hooked up to a direct connection without firewall protection, either by software
or hardware, is like leaving your house unlocked all the time. Worse yet, you have a sign hanging out
front saying, “Come on in!” When you are connected to the Internet, you literally have access to the
world. What some people forget is that this is not a one-way mirror. If you can see out, that means
anyone on the Internet, with the right program, can see into your computer as well. Not only that, but
they can plant a program into your computer (a Trojan or virus) so that they can access it not only at
that very moment, but in the future as well.
Once a thief gains access to your computer, they can gather all the personal or sensitive information
you have stored on the hard drive unless your information is securely encrypted. Social Security
numbers, credit card numbers, bank account information, your budget, and your electronic tax returns
1
– any and all information might be up for grabs. Identity theft is on the rise, and these pieces of
information are the keys that imposters seek. The intruder could also gain complete control of your
computer, using it for criminal intrusion of other computer systems, while leaving the evidence of that
further intrusion pointing directly back at YOU. Are you ready to explain why YOUR computer was
used to attempt to crack a FBI server?
HOW TO PROTECT YOURSELF
 Install a firewall to protect your information. A firewall can be thought of as a traffic cop: it
blocks traffic or permits traffic. The most important thing to recognize about a firewall is that it
implements an access control policy, either allowing or blocking specific outgoing and
incoming traffic. A firewall, when used properly, can prevent access by unauthorized external
attempts to connect to your computer. Without a firewall, "crackers" might be able to see some
or all of your hard drive: your tax records, the account numbers you placed in the computer for
record-keeping, your bank information, even your letter to Aunt Mary. Install a firewall and
keep it ENABLED.
Warning: Each program you load onto your computer, after installing your firewall, may open
ports through the firewall. Be careful to know and control what programs on your computer can
access the Internet

Install reputable anti-spam and anti-virus software. Most reputable anti-spam software
programs today are also programmed to identify known spyware and possible malware threats
and viruses, which could contain Trojan horses as well. Many threats are delivered by email,
specifically spam. A good anti-spam program will help reduce your risk of inadvertently
opening an email that contains a threat. Don't ignore a message to update your anti-virus,
spyware and malware protection, as well as anti-spam software.

Keep your anti-virus, firewall and operating systems updated. Set your computer to
update the Windows system automatically for critical updates. This procedure can be set to run
during the night or whenever you please, but it should be set to automatic updating. Set antivirus software to update daily, so that when it scans (either scheduled scan or real time scan),
it is running with the most recent virus information. Do NOT let your anti-virus subscription run
out! Many users with cable companies or DSL companies may find that those companies will
provide free anti-virus software. After all, they don’t want you on their network spreading a
virus to all their other customers. Check with your provider about what they offer. If you see a
“time to update” notice sent by the supplier of your operating system, verify that it is authentic
and then do so.

Be certain of BOTH the source AND content of each file you download. Don't download
an executable program just to "check it out." If it’s a Trojan Horse virus, the first time you run it,
you’re already infected. In other words, you need to be sure that you trust not only the person
or file server that gave you the file, but also the contents of the file itself.
2
Trojan: These attacks pose a serious threat to computer security. In today’s computer world, a
Trojan is a malicious, security-breaking program that is disguised as something benign, such
as a screen saver, game or joke. It might send itself to everybody on your email address book
or IRC channel, erase or modify your files or download another Trojan horse program
designed to steal your passwords. Many Trojans also allow hackers to take over your
computer and "remote control" it. Trojans have become more sophisticated in recent years, as
hackers use them to scan your system for vital information (credit card numbers, SSNs, bank
account numbers) and use the retrieved information to open accounts, run up huge credit card
debt, or drain the bank accounts of unsuspecting victims.
Trojans can be spread in the guise of literally anything people find desirable, such as a free
game, nude picture, MP3 song, etc. You might have downloaded the Trojan from a website or
file transfer without even knowing it. That is why it is important to always know what you are
downloading and who is sponsoring the program.
Remember that a virus or Trojan might cause your friend’s computer to automatically send you
the questionable file. Many viruses and Trojans are sent from unknowing friends who
contacted the virus, which then used their email addresses to send it to YOU! In general, there
is no reason for even a friend or colleague to send you an executable (.exe, .com, .pif, etc.)
file. When in doubt, ask them first before opening the attached file. Be aware that “free”
programs or spam might also contain a troublesome file. If you download commercial games
or other software from unknown shareware sources or “spam,” it’s just a matter of time before
you fall victim to a Trojan or virus.

Be cautious of dealing with pop-ups. This is a perfect place to plant a virus or Trojan
program. You never know who wrote the program, or that person’s intent. If you don’t know the
supplier, do not allow it to run or install.

Beware of hidden file extensions! Windows by default hides the extension of a file, so that
innocuous-looking picture file, "susie.jpg," might really be "susie.jpg.exe," an executable
Trojan. To avoid being tricked, unhide those pesky extensions, so you can see them. This is
an option in Windows Explorer under Tools\Folder Options\View. Make sure to “Apply to all
folders.” That way the final extension will show in all programs. Also, your anti-virus software
should spot misnamed files. Your AV software IS up to date, isn’t it?

Don't be lulled into a false sense of security just because you run anti-virus programs.
Many anti-virus programs do not protect against all viruses and Trojans, even when fully up-todate. It’s a race between the virus creators and the anti-virus cures. You need both virus
protection and firewall programs to be fully protected against hackers and intruders.
Virus: A dangerous computer program with the characteristic feature of being able to generate
copies of itself, and thereby spreading. Additionally most computer viruses have a destructive
payload that is activated under certain conditions. It may also be able to infect other programs
3
on the same computer. Viruses can do serious damage, including erasing files or an entire
hard drive. Others may just do silly or annoying things such as popping up in a window that
says, "Ha, ha, you are infected!" Viruses are transferred by electronic contact and usually are
attached to a data file. You send it to a friend or co-worker by sending a file or an email that
contains the virus. Typically you need to open an infected file to activate the virus or
sometimes an infected website page.

If you play online multi-player games, do not publish your I.P. address on websites or
newsgroups, unless you are very sure that you are fully protected. You would be much better
off logging into others’ game servers, instead of inviting others to log onto your game server at
a precise I.P. address. Providing a precise I.P. address may allow others to get inside your
firewall.

Backup your system! One of the best ways to protect yourself in the result of a virus attack is
to have a clean set of backup disks/tapes/CDs that will fully restore your system (without the
virus) and the applications you are using. Too often, home computer users fail to protect
themselves in this manner. With CD burners and accompanying software being relatively
inexpensive, a full system backup can quickly restore your computer in the event that your
hard drive has to be reformatted. If you have the ability, USB backup drives are now available
for about $200 with backup software and can schedule backups at your required times. This is
a much more convenient method of getting good backups and can be scheduled for once a
week or so to automatically do a new backup.

Turn off your computer when not in use. If you are not connected to the Internet, because
your computer is off, you cannot be infected, hacked or hijacked.

Use common sense. When in doubt, assume the unknown attachment is a virus. Pay
attention to virus alerts. Don’t even consider trying to outsmart those who have created these
malicious programs. Reconsider storing personal information in your computer. Instead,
transfer it to a CD and use the CD when you need the information. This is especially true of
passwords, Social Security numbers and tax or financial records.
ADDITIONAL DEFINITIONS
Worm: Like a virus, a worm is also a program that reproduces itself. Unlike a virus, however, a worm
can spread itself automatically over the network from one computer to the next without attaching itself
to another file. Typically, worms do not destroy a computer or files. They just take advantage of
automatic file sending and receiving features found on many computers. However, a worm can send
a virus through your computer to others using this auto-send feature.
Hacker/Cracker: When used properly, “hacker” refers to an elite breed of "good guys" who are
talented computer programmers. They enjoy solving challenging problems or exploring the
capabilities of computers. Like a carpenter wielding an axe to make furniture, the hacker does good
4
things with his skills. True hackers subscribe to a code of ethics and look down upon the illegal and
immoral activity of crackers. When the press uses "hackers" to describe virus authors or computer
criminals who commit theft or vandalism, it is not only incorrect, but also insulting to true hackers. The
correct term for a hacker that uses this skill for criminal purposes is “cracker.”
Firewall: A firewall is a device, either software- or hardware-driven, that enforces an access control
policy between two networks. A computer connected to an Internet Provider (Internet Connection), for
instance, represents a bridging of two networks. A firewall can be thought of as a pair of guards: one
blocks traffic and the other permits traffic.
Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic.
The most important thing to recognize about a firewall is that it implements an access control policy.
That means you have control over what program or website is allowed to mingle with your computer.
Even if you are unsure as to what kind of access you want programs or websites to have to your
computer, it is vital, especially if you are a cable modem or DSL user, that you employ a firewall.
Most firewalls manufactured today come with pre-set recognitions of those popular programs that
most folks tend to have on their computers. Therefore, they take much of the guesswork out of
determining whether programs should communicate via the Internet (and either send or receive
information) or not.
Even dial-up Internet users, if they intend to remain online for hours on end, should have some sort of
firewall protection. For such folks, there are a good number of free firewall programs available to suit
their needs.
Software-driven firewalls: A software firewall is okay for one computer connected to the Web.
Windows XP includes a limited firewall. You should consider whether or not this is sufficient
protection. If not, replace it with a stronger firewall software program.
There is a free software firewall available from ZoneAlarm. [http://www.zonealarm.com/security/enus/anti-virus-spyware-free-download.htm] It is easily configured and can be tailored to meet your
needs. Symantec/Norton, McAfee, and others also have software firewalls available in packages with
their anti-virus programs. These will be somewhat less expensive than hardware firewalls but will
require some of your computer resources to operate and are generally more complex than a
hardware firewall.
Hardware-driven firewalls: If you have a small home network (two or more computers), you should
look at a hardware-based firewall. A hardware firewall is superior to software solutions because a
computer (directly connected to the cable modem or DSL) running firewall or other protection
software is still visible on the Internet. If, however, a hardware firewall is used, the computer(s) are
shielded from direct connection to the Internet and that makes it more difficult for an outsider to
directly attack the computer. There are several good hardware solutions available. These devices
provide a lot of protection for multiple computers for a relatively low cost.
5
Jumping on the direct connection bandwagon can be safe and fun as long as you protect yourself
adequately from unwanted intruders by using either a software or hardware firewall, practicing safe
techniques and keeping virus protection updated.
For further information on firewalls:
Firewall Guide
[www.firewallguide.com]
How Firewalls Work
[www.howstuffworks.com/firewall.htm]
Building Internet Firewalls Tutorial
[www.greatcircle.com/gca/tutorial/bif.html]
Copyright 2010, Identity Theft Resource Center®, all rights reserved. Any requests to reproduce this
material, other than by individual victims for their own use, should be directed to
[email protected] This fact sheet should not be used in lieu of legal advice. This article is
referenced as "Fact Sheet 119: Direct Connections to the Internet" on the Identity Theft Resources
Center website.
6
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement