PC Security for beginners
(Reprinted with permission from learningpc4beginners.com)

Introduction

Years ago security remained mostly obsolete for most computers, networks, And the Internet. Most of the computers were stand alone that were used to Process information for basic needs. Most the networks were small and confined to small local areas because of lack of technology. The Internet was near to not existent.

Today, none of these ideas are true. Computers allow access to millions of bits of information along the main stream of the Internet. People have instant demand to this information. Along with the demand came high speed internet, or broadband. Broadband created an environment completely new to home users and work places alike. It allowed fast access to on-line databases and information that no one had seen before.

The Internet, though, has a darker side. Security measures help protect users against this side of the Net. The best security measure available today is PREVENTION. Prevention starts with the education of users about what they can do to keep the enemies out and off your computer. Understanding the basics of computer security is a must for any person that can access and use a computer. It does not stop just as a home personal computer (PC) but the practices can be used at work, at a friend's house, or at a public terminal.

Security Basics

The basics of security starts with the understanding of certain terminology used in the computer world. Not everyone in the world is a computer geek. A few of these terms are:

Anti virus (AV) Program

A utility that searches a hard disk for viruses and some Trojans and removes any that are found. Most anti virus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered.

Firewall:
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Spyware/Adware:
Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs. Once installed, the Spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.

Virus:
A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are man made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

Trojan horse:
A destructive program that masquerades (hides) as a benign (trusted) application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

Spyware/Adware Removal Tool:
Specific software used to remove adware and spyware from a computer.

ActiveX Controls:
An ActiveX control can be automatically downloaded and executed by a Web browser. An ActiveX control is similar to a Java applet. Unlike Java applets, however, ActiveX controls have FULL access to the Windows operating system. ActiveX controls can only be run on windows OS.

Operating System (OS):
Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers. Examples of OS's are Apple's OS X, Windows XP Professional, Windows XP Home, SuSE 8.4 (Linux), Unix.

***
Definitions are from http://pcwebopaedia.com/
***

Know what OS is running on a computer! This is important to determine what types of security measures to use on that computer. Windows 98/XP will be used through the rest of this article since most home users use Windows. Remember: there is always a non-windows solution to any application that windows provides. Some of theses non-windows applications are held in higher standards than Microsoft (MS) applications because of their functionality and security.

E-Mail

A majority of virus are spread by e-mail. Virus attempt to mask themselves in an e-mail that appears to come from a friend, a known business, or a person you don't know. Never open e-mails from people unheard of. Never open at attachment unless you know 100% it is safe. Best protection against virus in attachments is to download them and scan them with your AV software. One flaw of MS e-mail programs is the preview pane. The Preview pane opens the e-mail and displays it in a small window but can infact activate a virus in the e-mail. Preview Pane can be disabled. This is a must for windows users.

Mozilla Thunderbird 0.6 (http://www.mozilla.org/thunderbird) is an e-mail program that is non-windows based as does not suffer from the flaw described above.

Web Browsers

Web browser security is a bit more complex. But, one thing to remember is to watch what sites are loaded into it. If you are really paranoid at virus and spyware, then disable all JavaScript, Java, downloading any ActiveX controls, etc. But, this will reduce some web site performance. Also, disabling ActiveX controls in Internet Explorer (IE) will make errors pop-up on a lot of pages. Pop-ups are another annoying site to see while viewing web pages. This can be stopped with some browsers like Mozilla FireFox or MyIE2 and with some external programs.

Anti-virus program

To protect you from viruses entering your computer, and to keep you from infecting other computers. No Anti Virus program is 100% effective. Be careful with emails (do plain text emails only: NO scripting NO html automatically delete unsolicited emails with attachments, Be wary of blank headers & downloads,and ones with the .exe extension on them. 'cause that's how the bad stuff usually gets in. This list could go on and on with don't. Make it a point not to open forwards. 90% of your viruses are in forwards. As nice of a friend you have to send you a so sweet of a e-mail. Don't open the attachment! This is especially true with webtv forwards. Webtv is not affected! But your PC is! SCAN! SCAN! SCAN! There are many different types of viruses. Some are popular at certain times of the year. Others pop up after being dormant for a spell. Then there are the new viruses that come along. Some viruses are around all the time. The number of viruses is in the thousands. Chances are you will get one. Make sure your A.V. has a website of instructions on how to get rid of them. Keep it in your favorites just incase. Because some viruses/Trojan make your virus program inoperable.

Local Area Networks (LANs)/Home Networks

Since the creation of broadband internet, people have begin to build home networks to simplify internet access and to have the ability to transfer files in the home. The main piece of hardware needed is a broadband access router and switch combo. The routers can connect to most broadband types (commonly either DSL or cable). The router actually logs onto the ISP and allows access to the Net for all computer connected to switch part of the hardware. One major access issue with broadband routers is setting of the administrator password in the setup tool. Some of these routers have NO PASSWORD or use ADMIN as both password and user name which is unsecure. A hacker needs is the IP address of the router and can log on to it remotely. Some routers also have wireless access.

For wireless access point, it allows a computer to use a wireless network interface card (NIC) to connect to the router without any cables. Most of the home routers should never broadcast outside a person's house. Securing these access points are done in two ways. The first way is setting up a Wired Equivalent Privacy (WEP) password. This is done from the setup tool inside the router. Each computer requiring access to the router would need this code (which is an encrypted password) to access the router. The second thing is using Media Access control (MAC) address to restrict access to the router. Each NIC contains a unique MAC address that can be used in a access table inside the router.

Passwords

Passwords remain the most used security for computers, encrypted data, and access to websites across the internet. They should be 6 to 8 characters long. A password should contain one capital letter and one lower case letter but should also contain one number or symbol. Do not use words in the dictionary in any language. The first thing a hacker can do is try to match the password using a electronic dictionary to guess it.
NEVER WRITE THEM DOWN! A lot of people just do not think about this and write them on the bottom of their mouse pad, on the top of the mouse pad, on the monitor, on the bottom of the keyboard, etc. Why have a password if its easily found? No sense in it. Some others people keep a notebook with all their passwords in it. Never let this notebook out of site or give to
anyway.

Children and the Internet

Never let a child or teen 17 and younger be alone at the computer! NEVER! You are probably saying well that's about borderline paranoid? Nope it is not. When you are online regardless if they are in chat, or in e-mail. Unless they know that person on a personal level. (family, and or close friends that you associate with on and offline) I wouldn't leave their site for five minutes! because a person says they are so and so. Does not make it true. Most children or even teens for that matter have this misconception that having a conversation with someone online for any given time is just like having a conversation with someone they have known their whole lifetime in person. They can't because of their intellect distinguish a "real" friend offline from a person they meet on the internet. They don't have the means to distinguish that a person online they are chatting with could be someone entirely different than what they were told. Children and teens have been lured away or abducted by professional stalkers and such, by just telling them what they want to hear in as less than the time it takes you to grab a cup of coffee. They have gotten enough info from children and teens to know when to expect them home, and where home is! Remember these creditors are Pros, and they know just what buttons to push to get any child they want. They have exposed children and teens to porn online, faster than you could blink. Remember... This type of person is a professional at what they do, and they know what works, and what doesn't. No matter how many times you tell a teen or a child never to give info online, these people looking for victims have more tricks than you could count. All your child needs to say is, I live in the North East, and the name of the school, what team name and sports your child or teen plays. They then have enough info to know where your child or teen lives. And they get this info within days. A few minutes everyday is info for them. Next thing you know, your child has been abducted from school. Or they follow your child home! Think about this too... A study was done on children online. One out of five are subjected to some type of Sexual content online. If your child visits chat rooms, or uses ICQ or IM, or is online for long periods of time. Then the chances of your child being exposed to this increases.

**Copied from original site and left in original wording written by Weebit. Will be updated later.**

Closing

Security remains to be hard to accomplish from normal everyday users. It is not difficult. Most people see security in two ways: one part reminds almost blind and unknown to it and other part becomes overly paranoid. The first group of people are those that find themselves with viri on their computer or a Trojan that allows their computer to act like a gateway for other hackers. The second group of people have ever security measure around and keep themselves hidden on the Net. Neither of these groups a normal user should fall into. A user needs the basic understanding of security and know what can happen if the user does not follow those practices. Installing most AV and firewall software is easy and using these projects is just as easy. Remember, there are groups out there dedicated to over help to those who have questions about what is on their computer and how to secure it.

Personal Note

Over my lifetime on computer, I've managed to contract three virus all self inflicting. None of the viri were deadly. I now take extra care in what e-mails, programs I use, and where I go on the net. I only wish that others can also do this. I am not overly paranoid about virus or anything. I have nothing to hide from anyone. Besides, I am just a PC technician educating those that are willing to listen to always be cautious on the Net.

Have fun PCing and surfing the web!

--Written By: One of our members named Flamus Diu for Learningpc4beginners.com