Safe Hex - A Guide to Safe Computing

Your number one tool for staying safe is your BRAIN. If something seems too good to be true then it probably is. Yes, that tired old saying is true. If you get an offer for something in your email or you stumble across something that seems like a really good deal, then you should be especially cautious and be certain that it is not a scam before you click on any links or send any information or money.

Examples of such scams are:

A. Someone offering to split a large cash sum if you will pay the taxes or handling fee first.
B. Someone sending you Microsoft updates to your email address.
C. Someone sending you an emergency antivirus update.
D. Someone informing you that your bank info might have been compromised and asking you to click on a link.
E. Software that promises to do something (like speed up your internet connection) for free.

Don't you believe them!

Create and use a system of secure PASSWORDS for your computer and Internet accounts. Too many people choose simple words or names that can be fairly easy to figure out while others just use the same password for everything. You want to use different passwords for each different financial account so if a thief discovers one password he won't have access to your other accounts. The secret to a good password is one that is easily remembered, one that is fairly long (to defeat brute force password attacks) and one that cannot be guessed. Don't use an obvious password like a personal name, a street address or a pet's name. If a password is so complex that it is forgotten easily or gets written down, the entire point of using a password is defeated.

I suggest using a short phrase (without spaces) because such phrases are easy to remember. Also, to make it harder to guess perhaps change some of the letters in the phrase to letters. For instance "bluerainysunday" could become "blu3ra1n7sunda7". This should satisfy all the requirements note above.

Enable the Windows XP FIREWALL or install a different firewall and keep it enabled. Quite a few different exploits are being used to infect or attack unprotected computers these days. The Windows XP firewall, especially since SP2, is a simple but effective way of stopping these attacks. It only protects against incoming problems however, so if you want to prevent recalcitrant programs from "calling home" or just stop unexpected outgoing connections from your computer then you need to install a third-party firewall.

I use the free Kerio Personal Firewall v2.15 but it does require quite a bit of configuring before it will work properly.

Many people swear by the ZoneAlarm firewall. It is also available for free or you can buy a fancier version. I don't much like it because it seems to be rather intrusive and bloated but it's better than not having a firewall.

Install a reputable ANTI-VIRUS program, keep it updated, and use it regularily. Norton Antivirus and McAfee VirusScan are probably the most popular brands but I like F-Prot for Windows because it is not bloated or resource intensive. Some others are AntiVir, Avast!, BitDefender, EZ Antivirus, F-Secure, Grisoft AVG, Kaspersky Antivirus, Eset NOD, Norman Virus Control, Sophos Antivirus, and Trend PC-cillin.

Most people install their antivirus software using the default settings so their system and Internet connection are constantly being monitored for viruses. This is probably the best setting for most people. I prefer not to have a scanner running constantly in the background so I don't enable the resident scanner. That means I must be extra careful to download all my new downloads to a designated folder which I then scan before I use.

If your antivirus software becomes disabled or for some reason you don't have any installed you can often still check for viruses by going to one of the sites listed above and doing an "online" antivirus scan. This can work pretty well except that such online scanners cannot remove as many viruses. Also, some viruses change the HOSTS file (C:\Windows\System32\Drivers\Etc\Hosts in XP) so that an infected computer cannot reach the sites listed above. If that happens just edit your hosts file so it has only the following line:
127.0.0.1 localhost

It is crucial that you keep your antivirus software updated. New viruses or versions of old ones are released every day and keeping your antivirus software updated is the best way to keep up with them.

Although it tends to be less destructive, spyware (or adware) can have a very deleterious on a computer's performance. Spyware are programs which track a computer user's actions while adware is software which tries to display advertisements while you use your computer. These programs are very pervasive on the Internet now and many will silently install themselves on your system if you use Internet Explorer. They install silently but their effect when more and more of them are running in the background is that your system will bog down and operate ever more slowly until it may not be usable at all. To get rid of them you need ANTI-SPYWARE software.

The best programs for this are Lavasoft's Ad-Aware SE and Spybot - Search and Destroy. These are both free programs that have been proven to be very good at finding and deleting spyware and adware. I like to use both of them so if one misses something the other will catch it. Just like anti-virus software, you do need to make sure they stay updated to work effectively. Beware - some spyware programs actually pretend to antispyware and offer to help prevent spyware. Before falling for these scams check around and make sure any such products have gotten good reviews.

Another good program that I sometimes use is called Hijack This. Some malware will reset or hijack your homepage from where you had it set to some advertising webpage. Hijack This can scan for these as well as BHOs (browser helper objects) and it can also show you what programs are set to start when Windows is booted up. It can also delete such references so be careful because it can disable good software as well as bad.

The next step in operating your computer safely is to keep its operating system and programs PATCHED. As problems are discovered in the software you use, the manufacturers usually will release patches. Microsoft has addressed this by running a service called Windows Update or Automatic Updates. Normally this is enabled by default but you may still need to give permission for updates to be installed when they become available. If you get a prompt from the System Tray (next to the clock), please allow these updates to be installed. If for some reason you don't have Automatic Updates enabled, you can still use Internet Explorer to visit the Windows Update site and check for updates manually.

Other software doesn't usually try to keep itself updated so nicely. It will probably be up to you to go to the program's website and manually check for updates. Fortunately, they will probably not be as critical as the updates the Microsoft provides but it is still important to check for them periodically.

Quit using Internet Explorer and Outlook Express. Since these programs are included with Windows by default, they are very popular and because of that they are very often targeted by malware and exploits. Therefore, switch to an ALTERNATE WEB BROWSER and EMAIL CLIENT. Some good browsers are Mozilla Firefox and Opera. Some good email clients are Mozilla Thunderbird, Pegasus Mail and The Bat!

Undoubtedly, as these alternate programs gain in popularity they will become targeted by malware and exploits so as I suggested above it will remain a good practice to periodically visit their developer's websites and install any security patches or updates as they become available.

Personally, I use Firefox as my browser and Eudora for email (although it requires some tweaking before being safe.) I still use Internet Explorer but only for visiting the WindowsUpdate site to retrieve updates.

Set up your computer to properly display FILE EXTENSIONS, including those of known file types. This can be done using the Folder Options applet in the Control Panel. If you can see the file extensions, then you can treat the problematic ones with due caution. Windows will still hide a few file extensions such as .pif but you can seach for and delete all instances of "NeverShowExt" with regedit.exe if you feel confident editing the registry.

One trick some malware uses is multiple extensions. You should now be able to see them properly though. Usually, only the last extension is the one that matters but I'd suggest just deleting any files that have more than one extension just to be on the safe side. If you do need to open such unknown files, use a text editor like Notepad or a hex editor like Ultraedit to do so safely.

Remain DISTRUSTFUL of any attachments or links you get via email or any files that you download. Just because an email seems to come from a trusted friend doesn't mean it was actually sent by them. They may be infected with a virus or their address may just be "spoofed" by a virus infecting a totally different computer. Find out if they actually sent you the attachment first, then scan the attachment with your updated antivirus program before opening it. Remember, no company will be sending virus warnings or updates to your email address. If you get an attachment purporting to be an antivirus update, you can be certain that it is actually a virus. Delete them.

Be just as distrustful of links you may get in email. A technique known as "phishing" is to send a victim an email warning about a problem with their account (often a bank account) and telling the victim to click on an URL to visit their account to correct the problem. The scam is that the URL may look valid but due to the way some email programs display links, it may go to a fake site. When the victim enters their account information, the bad guys who sent the phishing email now can use that information to empty bank accounts or perpetuate identity theft.

Another common mistake new comuter users make is to actually use the "unsubscribe" link offered in some spam emails in an attempt to reduce the amount they get. Don't fall for this trick. When you click on those unsubscribe links you are just confirming that your email address is valid and the spammers will send you even more spam. Instead, just delete the spam email or train your email client to recognize that it is spam using whatever filters it offers.

Even software you intentionally download can cause problems, especially if you use any P2P applications such as KaZaA or eMule to get them. I'd suggest only getting software from the manufacturer's website and even then scan the downloaded files with your updated antivirus software before running it.

Be careful giving out your PERSONAL INFORMATION. Never reveal your information to unknown websites or email inquiries. This means not handing over credit card details when doing online shopping unless it is with a site that you trust. If you're uncertain of a site you can always visit Reseller Ratings and see how other shoppers have rated their performance. If a website or email makes you even the slightest bit uneasy, trust that gut feeling and don't give your information to that site. Of course, even a well-known and trusted site can have a bad employee so be sure to check your credit card statements each month for bogus charges.

Don't use your computer to store sensitive information if it can be accessed by other people. Don't trust public terminals such as those in airports or Internet cafes with your personal information or to access your bank accounts.

Any time you have a technician work on your computer, whether in the privacy of your home or if you've taken the computer into a shop, it is a good idea to change any passwords after the work is completed. You never know when an unscrupulous person might have recorded your passwords (or any other valuable information that was on the computer) for use later. Even though it's not entirely secure, I'd suggest you use a separate account for doing all financial work on your computer and use the EFS or "encrypting file system" option that is available with Windows 2000 and newer Windows operating systems with that account. This would prevent most attempts to access such critical files. IMPORTANT! Remember to back up your private key in case you ever need to recover these files.

WIRELESS computing is all the rage now, but it is inherently less secure than using a wired connection. Therefore, one should use it only for trivial activities. Reserve any checking of banking information, financial accounts, online shopping, etcetera for a more secure wired connection. Remember, with wireless computing you have traded security for convenience. However, there are a number of steps to make wireless computing more secure.

First, log into your Wireless Access Point's configuration page and change the password. If you leave it at the default, then any cracker who figures out what model WAP you have will have full control of your access point since such default passwords are common knowledge.

Secondly, rename your SSID or "Service Set Identifier" to something other that what is named by default. This helps prevent wireless crackers from knowing which model WAP you have.

Next, change the WAP's configuration so the SSID is not broadcast. Since you already know you have a wireless network, this will not affect your useage of it at all.

If possible, configure your system to use MAC or Media Access Control filtering. If your WAP is configured to respond only to devices with known MAC addresses it will be a good deal more secure. Unfortunately, MAC addresses can easily be faked so this should not be used by itself to provide security.

Configure your wireless system to use encryption. Older wireless equipment used WEP or Wired Equivalent Privacy. It relied upon a set 64 or 128-bit key that was relatively easy to crack. Newer hardware uses WPA or Wi-Fi Protected Access uses a dynamic 256-bit key that is constantly changing so it is more difficult to crack.

No matter how careful you are, eventually your computer WILL suffer a hardware failure. It may not cause the loss of data but that is always a possibility. Therefore it is wise to BACKUP your important data and files. Whether it is printing out all your important email addresses, storing files on floppy disks, creating backup CDs or DVDs or just using the XP Backup program to copy your data to a separate drive, the important thing is just that you actually create a routine and follow it.

The backup program that comes with XP is not installed automatically. You must manually find the installation program and rum it to install it. Look for the file NTBACKUP.MSI on the XP disc in the \VALUEADD\MSFT\NTBACKUP folder. You'll find a good overview of how to use the backup program here.

My own procedure is just to copy my new files and updated data to a folder on a second harddrive. When the folder becomes full, I burn its contents to an archive DVD. That way I always have at least two copies of every file on my computer and another copy stored on disc.

Many people wish they could just boot up off a floppy disk to access their NTFS drives from a DOS command line but this is not easily possible. There are a number of drivers that provide read/write access if you search around. However, the best solution that I've found is to create a BOOTABLE PE DISC. Microsoft does provide the means to do this but only to computer makers and system builders. Regular computer users can still make their own discs by visiting Bart's PE Builder page and following the instructions there. It is rather complicated but it's a good option for the more advanced computer users out there.

Last updated 12 Feb 2005 by Michael Cecil