Computer Security Handout KIUG 11 May 00

Thanks to Andrew Bell for these instructions, which accompanied his presentation to the Kawartha Internet Users Group meeting on 11 May, 2000. Andrew can be reached at andrewb@myrealbox.com

Basic Safety Tips

Stay informed. The more you know about security, the harder it will be for someone to fool you.
Know your system. Learn to recognize unusual behaviour in your software.
Back up your data - sooner or later, everyone loses data.
Use antivirus software, and update it regularly. (eg. "InnoculateIt" - see below)
Use a personal firewall (eg. "ZoneAlarm" - see below)
Don't open unsolicited attachments - even from someone you know.
Keep your Internet security settings on at least Medium, preferably High.
Pay attention when your software warns you of suspicious activity. Be especially wary of anyone telling you to ignore the warnings.

Resources

General Security Information

Windows security digest at the SANS Security Institute http://www.sans.org/newlook/digests/ntdigest.htm
Microsoft's introduction to computer security http://www.microsoft.com/security/new.asp
Security Focus has current news as well as a vulnerability database. http://www.securityfocus.com/

Virus Information

Innoculate page at Computer Associates http://antivirus.cai.com/ download InnoculateIT - free antivirus
Symantec's virus research centre www.symantec.com/avcenter
Rob Rosenberger's computer myths page http://www.kumite.com/myths/home.htm

Internet Specific

Gibson Research - Home of Shield's Up http://grc.com/default.htm
Zone Labs personal firewall http://www.zonelabs.com/ download zonealarm - free personal firewall

How To Secure Windows Networking

In a default installation, Windows exposes it's networking ports to the Internet at large. Since most people also neglect to password protect their own PC, these ports can be used to steal your data or vandalize your machine very easily. The 6 steps that follow are a very brief summary of the steps required to close these ports. Refer to www.grc.com if you want more details.

Make sure that Windows is up to date. Windows 98 users can simply run the Windows Update utility, and Windows 95 users should check http://www.microsoft.com/windows95/downloads/.
Access the Network Properties dialog - you can use Control Panel, Network, right click on Network Neighborhood, etc.
Check the list of installed clients and remove any that are not required. (Click selected item then Remove). At least one client is required - use Family Logon if available, or the client for Microsoft Networks otherwise. To add Microsoft Family Logon - Click Add, then Client/Add, then Microsoft, then Microsoft Family Logon. Click OK back to Network screen.
Now check the list of installed protocols. You'll already have TCP/IP, but you'll need one other, either NetBEUI or IPX/SPX. If NetBEUI is already installed, use it, otherwise add the Microsoft IPX/SPX compatible protocol. To Add IPX/SPX compatible protocol - Click Add, then Protocol/Add, then Microsoft, then IPX/SPX - compatible protocol. Click OK back to Network screen.
Now for each protocol in the list that starts with TCP//IP, bring up the properties box, then the Binding tab. Remove all of the checkmarks from the services listed. When you click "OK" after unbinding everything, Windows will warn you that you have not selected any drivers to bind with. Just click "NO" to proceed. You may get the message - "Your Network is not complete. Do you want to continue? Click "Yes" to proceed.
"OK" your way out of the dialogs, and reboot. You may get the message - "Your Network is not complete. Do you want to continue? Click "Yes" to proceed.

The next vulnerable point of entry to your system is your browser and e-mail program. Regardless of what programs you use, you should first make sure they are completely up to date, and upgrade to 128 bit encryption while you're at it:

If you use IE5 go to http://www.microsoft.com/ie. Download and install IE5.01, then download the High Encryption pack and install it.
If you use Netscape, under Preferences, Advanced, make sure that the Use JavaScript for Mail and News is turned off. You can also try turning off JavaScript altogether if you don't regularly use sites that require it.
If you use Internet Explorer 5 , you need to make sure you have the Internet Zone set to at least Medium security, and the Restricted Sites zone set to High. You'll find the security tab under Tools, Internet Options. These settings are also used by Outlook and Outlook Express.
If you use Outlook Express , go to the Security tab under Tools, Options, and choose the Restricted Sites zone for its security setting.
If you use Outlook, go to http://officeupdate.microsoft.com/downloadDetails/O98attch.htm to download a patch that enables stronger attachment checking.

Return to Bobcaygeon User Group Home Page

E-mail apanter@kawartha.net

Nexicom.net/ Kawartha.net / Peterboro.net
Graphics by Adam Panter