gracie's security pages basic security programs basic e-mail safety safer net surfing gracie's zone alarm pages moonlake cybersmiths e-mail gracie |
while you're surfing, getting e-mail, or just connected to the net, your faithful computer is vulnerable. now that you've installed good basic security programs and practice safe e-mail habits, make sure your computer is as secure as possible, and that you are ready to recover quickly if disaster does strike. * check your ports: if you're running a firewall and don't have file sharing enabled, your ports (the openings in your computer system that are vulnerable to attack) should be 'stealth', i.e. invisible to people scanning you. check yours at dslreports (even if you're on a dialup or cable connection.) * turn off file and printer sharing: for all computers tied directly to the internet connection, and disable netbios over tcp/ip. read the os-specific directions for unbinding netbios on grc's great security site; for win2k, use this gpick page. another good resource on file/printer sharing is on pc-help. if you're running windows 2k, turn off dcom unless you find you need it. * watch what's starting: if you're running win98 or ME, click start menu, run, type msconfig, and go to the startup tab and see what's starting automatically (in other operating systems, check your startup folder). uncheck anything you know you don't want running all the time. many programs stick themselves in there and run constantly, eating resources, when you only need them sometimes (in which case you can just start them from a shortcut). more importantly, you can see if anything suspicious is running there. * keep your operating system, patched: visit the windowsupdate site regularly for critical updates, many of which are security related. * make regular backups of critical data: use a backup program to keep a copy of important files on removable media such as zip disks or recordable cd-rom disks. using disk imaging software (like powerquest's drive image) to create an exact image of your hard drive regularly on cd allows you to get it back again (programs, files, and configurations) in minutes rather than days. * make an emergency boot floppy disk: someday you may not be able to boot your computer from your (probably seriously ill) c: drive, especially if you pick up a destructive virus or install a misbehaving program. a boot-up floppy disk will allow you to at least start the computer, possibly repair it, and, if necessary, then reinstall windows from your cd. to create a basic boot disk, in win 9x/me, go to start, settings, control panel, startup disk tab; in win2k, start, programs, accessories, system tools, backup, backup tab, tools, create emergency repair disk. you must create this disk before you have a crisis; an infected harddrive can't make a clean boot disk. * disable hidden filename extensions: enable 'show all extensions' in windows explorer's options; the "nevershowext" registry value is used to hide the extensions for basic windows file types, so check that, too. here's some specific instructions for disabling hidden file name extensions. * consider disabling windows scripting host: (downside: this may interfere with windows update). this will prevent malicious (and non-malicious) .vbs files from running. learn more hereand see if this is for you. go on to safer surfing -->
|
|
"thanx to the gang on the grc newsgroups for education, help, and fun." |
||
