Safe Computing – April 2004
For many years now we at NetTeller Pty Ltd have been concerned about
security issues – in fact, security and reliability are always the major
focus in the ongoing development of our NetTeller platform.
We have made many advances with our software and within our web and
NetTeller site hosting technologies – we believe that we have now made
it virtually impossible for hackers to gain information by attacking
NetTeller. Unfortunately, at the other end of any online transaction is
your member’s personal computer (PC). This is a device over which
we have very little control but it is in many ways a vulnerable component
in the service delivery channel.
As we all know there are Viruses, Trojans, Worms and many other types
of malicious code that can be acquired or downloaded onto unprotected
PCs – often without the member being aware of it. They can
arrive from a variety of sources including as payload in an email, via
floppy disks, across a network connection or even just from visiting a web
page. They may just cause some inconvenience for your member but, in some
cases, they can also cause malicious damage and/or capture member numbers
and passwords and other personal information and send that data to other
locations on the Internet.
In past years we have written about, discussed and verbalised these
issues with our NetTeller users. We have recently come across
a web site that we believe contains very good and useful advice for
members on how to protect their PC and we have reproduced the advice
below. The original document was developed by Renton Frape, a man
with 23 years of practical computing experience. He, like the team at
NetTeller, believes that if your members follow these guidelines
then they will be well prepared to avoid most, if not all, of the virus
and Spyware issues that can infect a Windows PC. The author has also
recommended a number of commercial (paid for) programs and, where
possible, provided detail on a free alternative.
Some of the tools have versions for use with Macs and Unix-based
systems but it is a fact that the Windows-based PC platform and
Microsoft’s Internet Explorer browser are by far and away the platforms
of preference.
We advise that this information is published in the interests of
providing assistance and guidance for end-users in managing and
maintaining their Windows PCs – no warranty, guarantee or
responsibility is implied or accepted for any of the products or services
detailed herein (other than that provided by the vendor of the product).
This document has been edited by Mark Paterson.
Firstly
This document requires you to make some changes to settings on your PC
so please write down what you have done just in case you need to revert
back to the original setting(s).
First step - Turn on the PC but do not log on or connect to the Internet
just yet.
If you don’t have IE6 SP1 and Outlook Express 6 then it’s time to
update. They can be up to 100Mb of data to download from the
Microsoft site so a better way for many to get them is on the CDs that
often come attached to most Australian PC Magazines – available at all
good newsagents.
Microsoft’s Internet Explorer (IE)
- Version 6 with Service Pack 1 (IE6 SP1)
This is the browser – used for surfing the web and also to view some
files (.html, .jpg etc)
Before you install them do the following:
• Back up your Internet Favourites folder (Search/find the Favourites
folder and copy to a new directory or Floppy disk)
• Back up Outlook Express with the free OEBACKUP (Freebie edition) from http://www.oehelp.com/OEBackup/Default.aspx
If you have Windows 2000, 2003 or XP operating systems you cannot remove IE
so skip the next step.
If you have Windows 95/98/ME and are using IE 3, 4 or 5
• Remove the old version of IE first using the free IERADICATOR from http://www.litepc.com/ieradicator.html.
After the installation of IE6 SP1 go to Start, Control Panel and select
Internet Options. This brings up the settings dialogue box that you can
also see when you access Tools, Internet Options from within IE itself.
There are many custom settings that you can explore so do the following to
ensure the settings are at factory defaults.
• On the Programs, Advanced and Security tabs reset all defaults
• On the General tab clear cookies, history and files
• On the Content tab under Autocomplete…
1) clear forms and passwords and then
2) turn this feature OFF as it stores passwords that can be
cracked by hackers. If you need to use a password and forms manager
consider using Norton’s Password Manager 2004 - it stores this
information in a highly secure database.
Connect Tab: It is safer to disable the autodialing feature and simply
create a desktop shortcut to the Dial up networking properties. This helps
to stop 1900 dialer programs and Spyware. Tick “Never dial a
connection”.
Security Tab: The default setting is “Medium” and it seems to work
well. Don’t go lower than that. Select HIGH if you are surfing in
dangerous waters i.e. adult sites, freeware and shareware etc.
Privacy Tab: The default setting is “Medium” and that works well. I
use Cookiewall which is free from http://www.analogx.com/contents/download/network/cookie.htm
to manage my cookies instead of IE – more on that later.
Content Tab: You can enable Content Advisor to help block adult sites.
Don’t forget the password that you use to enable Content Advisor - as
you need it to change settings.
Outlook Express (OE)
This is the email application included with the Microsoft Operating System
and not to be confused with Microsoft Outlook which is included in the
Microsoft Office suite of software.
Remember that you should still be off-line. Open OE and go to Tools,
Options and the Security Tab. The default is to use the Internet Zone
(your IE settings).
If the box “Do not allow attachments to be opened or saved…” is
ticked you will not be able to open any attachment so untick that. Don’t
worry - your AntiVirus program should protect you on that front.
AntiVirus (AV)
These software tools protect you against viruses, Trojans, worms and other
“payloads” that can be delivered to your PC via floppy disks,
networks, web surfing, email and a variety of other means.
The biggest problem with AV is that when a new virus is invented and
released “into the wild” it can take a few hours, days or up to a
week for the AV developers to publish a related definition update (the
mechanism to identify and trap the virus). The commercial
product Norton AntiVirus 2004 publishes most new virus definition updates
very quickly. A few programs like AVG from www.grisoft.com
may only publish weekly or even less frequently. It is good practice
to always manually run a “liveupdate” every day. This will source
updates to your AV software and definitions and apply them to your PC –
sometimes that process will require a reboot to complete the installation.
It is also a good idea to explore the AV program settings and increase
the levels of protection to as high as possible. You can always revert to
lower settings if it becomes onerous. Just a note on AV programs -
most are pretty good, e.g. Trend PC-Cillin, Pandasoft, Vet, McAfee etc., so
don’t throw them out just because we have recommended Norton.
And please note that current AV software will not detect and remove the
vast majority of Spyware – you still need a separate program to address
that issue - so read on…
N.B. - note from M Paterson: It is important to remember that the
subscription to the Norton AntiVirus “liveupdate” service is an annual
service; the first 12 months’ subscription is included with the initial
package purchase. 12 months (to the day) after you install
Norton AV you will need to renew your AntiVirus liveupdate subscription
for a further 12 months. I have found that it is often more cost
effective to upgrade from the version I currently have to a later version
(you get another 12 months anyway) – in my case I have gone from Norton
AntiVirus 2000, to 2001, to 2002, to 2003 and to 2004 each year at the end
of my 12 month subscription period – using the www.symantec.com
online service. Please also see the note below in the FIREWALL
section on a way to save some money when purchasing Norton products from
Symantec.
Spybot Search and Destroy and Ad-aware – Spyware tools
Spybot Search and Destroy is available from the product developers at http://www.safer-networking.org/
Make sure that you update the Spyware definitions on-line regularly.
Another excellent Spyware program is Ad-aware - free from www.lavasoftusa.com.
N.B. - note from M Paterson: In my opinion neither of these Spyware
programs alone will catch and remove ALL of the offending material from
your PC. I use both of them weekly and together they make for
an excellent pair of tools for the removal of Spyware, cookies and the
related “background junk” that you collect from “surfing the web”.
Once installed open Spybot in the advanced mode from Start, Programs,
Spybot, Advanced. That will reveal a lot of new options you may not have
seen before. On the Immunize tab immunize all programs, enable
“block all spyware silently” and lock the IE home page and your Hosts
file. Remember that once you have done this you can’t change your
Start page in IE unless you untick “Lock IE start page”.
With Ad-aware, once installed, you should also update your reference file
each time before you run the package to check for Spyware.
Explore the features in both packages and use them to clean up your
systems – many users will be quite amazed at the amount of “junk”
they have collected over time.
Cookiewall
This free program from http://www.analogx.com/contents/download/network/cookie.htm
traps all incoming cookies and displays them in a central “panel”. It
is then up to you to move them left to the “delete permanently” column
or right to “keep” them. The only ones you need to keep are the
ones that relate to Internet Banking and perhaps some Online stores and
services you use. Right click on the Cookiewall icon in the Task Bar and
under Config ensure that Autostart and Monitor IE are enabled.
Pop Up Stopper
A good pop up stopper is free from http://www.panicware.com/product_psfree.html.
Once installed you will see a small white glove icon in the task bar.
Right click and select preferences and set it to start automatically. If
you visit a site that needs popups, like banking, it will tell you and you
can double click on the little white glove in the task bar to temporarily
disable it.
Cleanup
Cleanup, free from www.stevengould.org,
is a wonderful IE history and disk cleaner. Use it as needed. You can set
the level of cleaning but the default levels are fine.
Firewall software – most important
Norton Internet Security is a highly respected commercial firewall
solution. The package also includes the latest full copy of Norton
AntiVirus, a comprehensive software firewall, spam protection tools and
also some content filtering tools. If you want an all in one
package at a reasonable price this is recommended. Another similar
commercial program showing good promise is Trend PC-Cillin Internet
Security.
Note from M Paterson: It is more cost effective to download the Norton
Internet Security package from the US web site for Symantec (www.symantec.com)
than it is from the Australian Symantec web site – even with the
fluctuations in the value of the Australian Dollar. Be aware
that the download can be as much as 70Mb of data and may take some time
over a modem based Internet connection. I also encourage the option
of taking download insurance for a few dollars more – this means that
you can keep paper records of your purchase and then reload the package
during the following year if you ever need to (hard disk failure, purchase
of new system etc)
If you want a free program then Kerio Personal Firewall V4 from http://www.kerio.com/kpf_download.html
is recommended. Some of you may have heard of programs like
Zonealarm, but again you only need one firewall. If you don’t use one,
anything can get in or out.
You can test your firewall’s effectiveness at www.grc.com
using Shields Up and there are a few programs (Unplug and Play, Shoot the
Messenger, DCOM) on that site that will help to tighten up your security.
Find Shields Up on the homepage and run it. If you have an open port you
have to close it – just search www.google.com
for port XYZ (whatever the number is) and you will find advice about that.
The major point about a firewall is that all internet users MUST have one
– regardless of whether you are a casual 56k dial up user, a broadband
user or a power user.
Now, let’s get on the Internet
If you are a DIAL UP modem user make a shortcut on your desktop to the
dial up network in Network properties. You can then control your access to
the internet. If the dial up box pops up on the desk later then that’s a
fair indication that some other program is trying to phone home.
If you are a broadband or ADSL user you may wish to consider manually
connecting as well instead of letting the ISP software auto-connect your
PC. Although this is not mandatory it does give you some control over what
programs can use the Internet.
Updating Microsoft Windows and Microsoft Office etc
Go to http://v4.windowsupdate.microsoft.com/en/default.asp
and run the live update. Don’t forget that Microsoft Office programs
have a separate update feature too. Click the Office updates link on
the Windows Update site to find out more and
check whether your copy of Microsoft Office has updates available.
If you are using Windows ME or XP it is wise to make a restore point
first just in case an update does not work. If an update does not work it
usually reflects a problem with or in your PC and a clean install of
Windows may be needed.
I use Bigfix free from www.bigfix.com
to alert me to updates from Microsoft and many other software providers.
You can turn off Auto-update in the Control Panel, System on most Windows
PCs.
Other Protection issues
It is wise to update all of your protection programs at least weekly.
Check for later versions of the software too.
Use a product like Mailwasher - free for one POP3 mail account from www.mailwasher.net
to preview mail at your ISP’s server (where it can’t harm you) then
decide whether to download, delete or bounce the email.
As a rule - don’t open emails with attachments, especially those ending
in .exe, .cmd, .bat, .scr, .pif etc.
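An added example, not part of the original article: a Python sketch that applies the extension rule above to a raw message before any attachment is opened, including names disguised with a double extension or trailing dots. The function names and the sample message are constructed for illustration.

```python
import email
from email import policy

# Extensions named in the rule of thumb above.
RISKY_EXTENSIONS = {".exe", ".cmd", ".bat", ".scr", ".pif"}

def risky_extension(filename):
    """Return the risky extension a filename ends in, or None."""
    # Windows ignores trailing dots and spaces, so strip them first.
    name = filename.strip().rstrip(". ").lower()
    dot = name.rfind(".")
    # Only the final extension decides how Windows opens the file,
    # so "photo.jpg.pif" is treated as .pif, not as a picture.
    ext = name[dot:] if dot != -1 else ""
    return ext if ext in RISKY_EXTENSIONS else None

def flag_attachments(raw_message):
    """Return (filename, extension) for each risky attachment."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    flagged = []
    for part in msg.walk():
        filename = part.get_filename()
        ext = risky_extension(filename) if filename else None
        if ext:
            flagged.append((filename, ext))
    return flagged

# Constructed sample message (not real mail).
SAMPLE = """\
From: sender@example.com
Subject: Holiday photos
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Disposition: attachment; filename="notes.txt"

hello
--BOUND
Content-Disposition: attachment; filename="photo.jpg.PIF"

placeholder bytes
--BOUND--
"""

print(flag_attachments(SAMPLE))
```

The check reads only the MIME headers, so nothing in the attachment body is executed or saved.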
Don’t use Kazaa, ICQ, MIRC, MSN Messenger or other peer-to-peer file
sharing applications (unless you absolutely have to).
Don’t download shareware or freeware unless it has been recommended by a
trusted and reputable person or company.
If you are using Windows XP you can consider running XPANTISPY free from www.xp-antispy.org
to remove some “phone home” issues and disable MSN Messenger.